From f6a16258a116ce5c5f4f6bad9d8ab9b6e1ec6bb7 Mon Sep 17 00:00:00 2001
From: Raja Grewal
Date: Sat, 3 Aug 2024 00:11:06 +1000
Subject: [PATCH] Add references to KSPP

---
 etc/default/grub.d/40_kernel_hardening.cfg | 1 +
 usr/lib/sysctl.d/990-security-misc.conf | 1 +
 2 files changed, 2 insertions(+)

diff --git a/etc/default/grub.d/40_kernel_hardening.cfg b/etc/default/grub.d/40_kernel_hardening.cfg
index f36dac0..b1b3055 100644
--- a/etc/default/grub.d/40_kernel_hardening.cfg
+++ b/etc/default/grub.d/40_kernel_hardening.cfg
@@ -18,6 +18,7 @@ kver="$(dpkg-query --show --showformat='${Version}' "$kpkg")" 2>/dev/null || tru
 ## 1. Kernel Space:
 ##
 ## https://madaidans-insecurities.github.io/guides/linux-hardening.html#boot-parameters
+## https://kspp.github.io/Recommended_Settings#kernel-command-line-options
 
 ## Disable merging of slabs with similar size.
 ## Reduces the risk of triggering heap overflows.
diff --git a/usr/lib/sysctl.d/990-security-misc.conf b/usr/lib/sysctl.d/990-security-misc.conf
index 40ab0ff..e795339 100644
--- a/usr/lib/sysctl.d/990-security-misc.conf
+++ b/usr/lib/sysctl.d/990-security-misc.conf
@@ -23,6 +23,7 @@
 ## 1. Kernel Space:
 ##
 ## https://madaidans-insecurities.github.io/guides/linux-hardening.html#sysctl-kernel
+## https://kspp.github.io/Recommended_Settings#sysctls
 ## https://wiki.archlinux.org/title/Security#Kernel_hardening
 
 ## Restrict kernel address visibility via /proc and other interfaces, regardless of user privileges.