I ran CISOfy’s lynis tool on the following kernels from the repos:
5.10.53-1-MANJARO
5.12.19-1-MANJARO
They both scored 63.
Then I compiled the 5.12.19-hardened1-1-hardened-cacule kernel from the AUR & ran the test again. It got a 65.
Just changing the kernel increased the score of a clean install by 2 points.
I realise that this is just One metric from One test and we cannot deduce conclusions here.
But it is worth considering & looking into further.
The issue of unofficial kernels has been discussed [here].
The general consensus was that unofficial kernels would increase instability.
Feature request FAQ states that if a package is available in the AUR then the request might be declined - however, given the fact that compiling kernels is a resource & time-intensive task, that unofficial kernels increase instability anyway, and the tangible benefits of the hardened kernel; I believe that this should be considered seriously.
I am not allowed to post links? So you’ll have to search for CISOfy/lynis on GitHub.
I ran the default audit, ./lynis audit system, which considers a whole bunch of things, including boot system, memory & services, file permissions, and of course, kernel hardening; to name a few.
If the test was localised to the kernel then the difference would be even greater.
If you want these as your default add them to a sysctl config file or add them to your kernel command line. Use the expected value from your output.
If you just want these options there is no need for the linux-hardened.
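An added example, not part of any post in this thread: one way to turn the sysctl keys that Lynis marks DIFFERENT into a sysctl config file using the expected values, as the last reply suggests. The sample report text is constructed, the function names are hypothetical, and where Lynis lists several acceptable values the first one is picked, which is a choice made for this example.

```python
import re

# Constructed sample in the layout of the "Kernel Hardening" section of
# `lynis audit system` console output (not taken from the thread).
SAMPLE = """\
[+] Kernel Hardening
------------------------------------
  - Comparing sysctl key pairs with scan profile
    - dev.tty.ldisc_autoload (exp: 0)                         [ DIFFERENT ]
    - fs.suid_dumpable (exp: 0)                               [ OK ]
    - kernel.kptr_restrict (exp: 2)                           [ DIFFERENT ]
    - kernel.yama.ptrace_scope (exp: 1 2 3)                   [ DIFFERENT ]
    - net.ipv4.conf.all.rp_filter (exp: 1)                    [ OK ]
"""

# Lynis colours the status on a terminal; strip escape codes before matching.
ANSI = re.compile(r"\x1b\[[0-9;]*m")
LINE = re.compile(
    r"^\s*-\s+(?P<key>[A-Za-z0-9_.\-/]+)\s+\(exp:\s*(?P<exp>[^)]+)\)"
    r"\s+\[\s*(?P<status>[A-Z ]+?)\s*\]\s*$"
)


def different_sysctls(report):
    """Return (key, expected_value) for every sysctl line marked DIFFERENT."""
    pairs = []
    for raw in report.splitlines():
        m = LINE.match(ANSI.sub("", raw))
        if m and m["status"] == "DIFFERENT":
            # Several acceptable values may be listed; this example takes the first.
            pairs.append((m["key"], m["exp"].split()[0]))
    return pairs


def render_sysctl_conf(pairs):
    """Render the pairs in sysctl.d 'key = value' syntax."""
    lines = ["# Generated from Lynis kernel-hardening findings; review before use"]
    lines += [f"{key} = {value}" for key, value in pairs]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(render_sysctl_conf(different_sysctls(SAMPLE)), end="")
```

The rendered text can be saved as a `.conf` file under /etc/sysctl.d/ and loaded with `sysctl --system`; review each key first, since some settings change system behaviour.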