From 28ac396b04d20fe509842be98b5e6fdf169854e8 Mon Sep 17 00:00:00 2001
From: Daniel Micay <daniel.micay@grapheneos.org>
Date: Thu, 31 Oct 2024 22:05:04 -0400
Subject: [PATCH] clarify that cachestat is already blocked for apps

---
 static/releases.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/static/releases.html b/static/releases.html
index 9e66d73b..efb46683 100644
--- a/static/releases.html
+++ b/static/releases.html
@@ -565,7 +565,7 @@
                         <li>enable stamp configuration for microdroid kernel builds to set LOCALVERSION based on version control information as expected</li>
                         <li>kernel (6.6): disable unused hibernation support</li>
                         <li>kernel (6.6): disable unused TIOCSTI ioctl (already blocked via standard Android SELinux ioctl filtering)</li>
-                        <li>kernel (6.6): disable unused cachestat system call</li>
+                        <li>kernel (6.6): disable unused cachestat system call (already blocked for apps via standard Android seccomp-bpf policy)</li>
                         <li>kernel (6.6): enable random kmalloc caches for x86_64 and microdroid too, not only bare metal arm64</li>
                         <li>kernel (6.6): enable full struct randomization for x86_64 and microdroid too, not only bare metal arm64</li>
                         <li>kernel (6.6): enable DEBUG_SG for microdroid too, not only bare metal</li>