From b3ab0ddccce90402a0332532df15d3433f7aaa50 Mon Sep 17 00:00:00 2001 From: optout Date: Thu, 1 Feb 2024 15:12:29 +0000 Subject: [PATCH] Documentation updates --- README.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a628dae..e9c8a4d 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,11 @@ ### Trimming Efforts - While linux-hardened security patchsets along with kernel configurations are notable for this kernel project, the purpose was to practice minimalism by reducing the size of the linux kernel, thereby cutting attack surface. This is not a trivial thing to record, therefore we are displaying the size purely as a point of comparison. +|Plague | +|--- | --- | +|Size (/lib/modules/)|47.0 MB | +|Size (vmlinuz)|8.1 MB| + ### Current kconfig-hardened-check results #### Successes @@ -185,6 +190,7 @@ CONFIG_TRIM_UNUSED_KSYMS | y | my |cut_attack_surf CONFIG_MODULE_FORCE_LOAD | is not set | my |cut_attack_surface| OK CONFIG_COREDUMP | is not set | clipos | harden_userspace | OK CONFIG_ARCH_MMAP_RND_BITS | 32 | my | harden_userspace | OK +CONFIG_BINFMT_MISC | is not set | kspp |cut_attack_surface| OK #### Fails Option | Desired Value | Source | Reason | Result | @@ -210,7 +216,6 @@ CONFIG_CFI_CLANG | y | kspp | self_protectio CONFIG_CFI_PERMISSIVE | is not set | kspp | self_protection | FAIL: CONFIG_CFI_CLANG is not "y" CONFIG_SECURITY_SELINUX_BOOTPARAM | is not set | kspp | security_policy | FAIL: "y" CONFIG_SECURITY_SELINUX_DEVELOP | is not set | kspp | security_policy | FAIL: "y" -CONFIG_BINFMT_MISC | is not set | kspp |cut_attack_surface| FAIL: "m" CONFIG_MODULES | is not set | kspp |cut_attack_surface| FAIL: "y" CONFIG_FAIL_FUTEX | is not set | grsec |cut_attack_surface| OK: is not found CONFIG_KCMP | is not set | grsec |cut_attack_surface| FAIL: "y" 
@@ -220,5 +225,5 @@ CONFIG_USER_NS | is not set | clipos |cut_attack_surf CONFIG_BPF_SYSCALL | is not set | lockdown |cut_attack_surface| FAIL: "y" ``` -[+] Config check is finished: 'OK' - 168 / 'FAIL' - 28 +[+] Config check is finished: 'OK' - 169 / 'FAIL' - 27
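Review bot: In the `@@ -11,6 +11,11 @@` hunk (Trimming Efforts), the new table's header row `|Plague |` has one cell while the delimiter row `|--- | --- |` and both data rows have two, so many Markdown renderers will not draw it as a table. Give the header two cells, for example `| | Plague |`. The paragraph above it calls the size "a point of comparison", but the table has only the Plague column. Add a baseline column for the kernel the sizes are being compared against, and note which kernel version the 47.0 MB and 8.1 MB figures were measured on so they can be reproduced.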
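Review bot: In the `@@ -185,6 +190,7 @@` hunk, the `CONFIG_BINFMT_MISC` row is a `kspp` check but is appended after the `my` and `clipos` rows at the very end of the Successes block, which reads like a hand-moved line rather than regenerated tool output. Regenerate the whole block from kconfig-hardened-check against the current config so row order and column alignment match what the tool prints. The subject "Documentation updates" also hides that the value changed from `"m"` to not set. Reference the commit that changed the kernel config so a reader can tie this README result to the actual change.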
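Review bot: In the `@@ -210,7 +216,6 @@` hunk, the context row `CONFIG_FAIL_FUTEX ... OK: is not found` still sits under the `#### Fails` heading although its result is OK. Since this change already moves rows between the two sections, move that row to Successes as well, or add a sentence explaining how the tool output is split, so the Fails section can be checked against the `'FAIL' - 27` total updated in the last hunk.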