From a486a6405f078d1611ec5e4af980bbe13f94c804 Mon Sep 17 00:00:00 2001
From: Alexander Popov <alex.popov@linux.com>
Date: Sat, 19 Jun 2021 14:49:03 +0300
Subject: [PATCH] Think about kptr_restrict later (KSPP recommends to set it to
 1)

---
 kconfig_hardened_check/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py
index 563091c..42d3eeb 100644
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -35,7 +35,7 @@
 #           ssbd=force-on
 #
 # N.B. Hardening sysctls:
-#    kernel.kptr_restrict=2
+#    kernel.kptr_restrict=2 (or 1?)
 #    kernel.dmesg_restrict=1
 #    kernel.perf_event_paranoid=3
 #    kernel.kexec_load_disabled=1
-- 
2.31.1