2 Checks Recommended by Timesys Hardening Guide CONFIG_DEBUG_BUGVERBOSE & CONFIG_ZSMALLOC

[wryMitts]

Found here:
https://timesys.com/pdf/Timesys-kernel-hardening-guide.pdf Dated 2022
https://web.archive.org/web/20241227042743/https://timesys.com/pdf/Timesys-kernel-hardening-guide.pdf

This seems useful for the project:
DEBUG_BUGVERBOSE=is not set

Make sure this is not enabled, as it could provide an attacker
sensitive kernel backtrace information on BUG() conditions

Not sure on this one?:
ZSMALLOC=is not set

Do not enable memory allocator for compressed pages (slab-based
memory allocator designed to store compressed RAM pages via
virtual memory mapping

[thestinger]

Not enabling ZSMALLOC does technically reduce attack surface just like disabling lots of other kernel functionality but it's unclear why they're specifically recommending disabling it. I don't think it makes sense to include as a recommendation without specific reasoning for it.