security: hardening: Update general recommendations

Update security recommendations. That is not a
thorough list though.

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>

scripts/kconfig/hardened.csv

@@ -1,43 +1,50 @@
-HW_STACK_PROTECTION,y
-INIT_STACKS,n
 BOOT_BANNER,n
 BOOT_DELAY,0
-THREAD_MONITOR,n
-THREAD_NAME,n
-STACK_CANARIES,y
-EXECUTE_XOR_WRITE,y
-STACK_POINTER_RANDOM,100
 BOUNDS_CHECK_BYPASS_MITIGATION,y
-STATS,n
-TRACING,n
-OVERRIDE_FRAME_POINTER_DEFAULT,y
-LOG,n
-SHELL,n
-TEST_RANDOM_GENERATOR,n
-TIMER_RANDOM_GENERATOR,n
-ZTEST,n
-TEST,n
-TEST_SHELL,n
-TEST_EXTRA_STACK_SIZE,0
-TEST_USERSPACE,n
+BT_CONN_DISABLE_SECURITY,n
+BT_DEBUG_KEYS,n
+BT_DEBUG_SMP,n
+BT_FIXED_PASSKEY,n
+BT_LOG_SNIFFER_INFO,n
+BT_OOB_DATA_FIXED,n
+BT_SMP_ENFORCE_MITM,y
+BT_STORE_DEBUG_KEYS,n
+BT_TESTING,n
+BT_USE_DEBUG_KEYS,n
 BUILD_OUTPUT_STRIPPED,y
+BUILTIN_STACK_GUARD,y
+CORTEX_M_DEBUG_MONITOR_HOOK,n
+DMA_INTEL_ADSP_GPDMA_DEBUG,n
+ESPI_PERIPHERAL_DEBUG_PORT_80,n
+ETH_E1000_VERBOSE_DEBUG,n
+ETH_MCUX_PHY_EXTRA_DEBUG,n
+EXECUTE_XOR_WRITE,y
+FAULT_DUMP,0
+HW_STACK_PROTECTION,y
+INIT_STACKS,n
+LOG,n
+MODEM_CONTEXT_VERBOSE_DEBUG,n
+MPU_STACK_GUARD,y
+OVERRIDE_FRAME_POINTER_DEFAULT,y
+SHELL,n
 SOC_ATMEL_SAME70_DISABLE_ERASE_PIN,y
 SOC_ATMEL_SAME70_WAIT_MODE,n
-FAULT_DUMP,0
-X86_MMU,y
-BUILTIN_STACK_GUARD,y
-MPU_STACK_GUARD,y
+SOC_MEC1501_DEBUG_DISABLED,y
+STACK_CANARIES,y
+STACK_POINTER_RANDOM,100
 STACK_SENTINEL,y
-BT_OOB_DATA_FIXED,n
-BT_FIXED_PASSKEY,n
-BT_DEBUG_KEYS,n
-BT_LOG_SNIFFER_INFO,n
-BT_USE_DEBUG_KEYS,n
-BBT_RFCOMMT_STORE_DEBUG_KEYS,n
-BT_CONN_DISABLE_SECURITY,n
-MCUMGR_CMD_FS_MGMT,n
-TRACING_CTF,n
-USE_SEGGER_RTT,n
+STATS,n
+TEST,n
+TEST_RANDOM_GENERATOR,n
+TEST_SHELL,n
+TEST_USERSPACE,n
+TFM_CMAKE_BUILD_TYPE_DEBUG,n
+THREAD_MONITOR,n
+THREAD_NAME,n
+TIMER_RANDOM_GENERATOR,n
+TRACING,n
+X86_MMU,y
+ZTEST,n
 
 # Experimental options