From 8877e263e1801802f54dbf6b1b4bf892f5adcc3e Mon Sep 17 00:00:00 2001
From: Alexander Popov <alex.popov@linux.com>
Date: Sat, 17 Dec 2022 02:35:43 +0300
Subject: [PATCH] Remove the AIO check

Currently GrapheneOS doesn't have it.
---
 kconfig_hardened_check/__init__.py | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py
index 28a955b..797e3e0 100644
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -638,9 +638,6 @@ def add_kconfig_checks(l, arch):
     l += [KconfigCheck('cut_attack_surface', 'maintainer', 'BLK_DEV_FD', 'is not set')] # recommended by Denis Efremov in /pull/54
     l += [KconfigCheck('cut_attack_surface', 'maintainer', 'BLK_DEV_FD_RAWCMD', 'is not set')] # recommended by Denis Efremov in /pull/62
 
-    # 'cut_attack_surface', 'grapheneos'
-    l += [KconfigCheck('cut_attack_surface', 'grapheneos', 'AIO', 'is not set')]
-
     # 'cut_attack_surface', 'clipos'
     l += [KconfigCheck('cut_attack_surface', 'clipos', 'STAGING', 'is not set')]
     l += [KconfigCheck('cut_attack_surface', 'clipos', 'KSM', 'is not set')] # to prevent FLUSH+RELOAD attack
-- 
2.31.1