Added new kernel parameter: "readonly"

The parameter treats boot media as read-only at the block device level;
OTFE volume is not mounted.

It would be possible to mount OTFE read-only instead (losetup -r,
cryptsetup --readonly, mount -r), but doing so would break normal workflow.

Mounting OTFE as a Unionfs (ro OTFE + rw tmpfs) is a possibility
to consider.

src/root/config/syslinux.cfg

@@ -2,10 +2,11 @@
 ## PREFIX:      /liberte, makes syslinux.cfg relocatable (replaced during ./setup)
 ## VERSION:     distribution version                     (replaced during ./setup)
 ## CONSOLEFONT: psf(u) console font                      (replaced during ./setup)
-## TAG:         [USB], [CD], ...                   (replaced during image creation)
-## ROOTFS:      vfat, ext2, iso9660, squashfs, ... (replaced during image creation)
-## FSFLAGS:     noatime,...                        (replaced during image creation)
-# Optional parameters:     cdroot=/dev/xxx, debug, gentoo={root,nox,nosettings,i2p}
+## TAG:         [USB], [CD], ...                         (replaced during mkimage)
+## ROOTFS:      vfat, ext2, iso9660, squashfs, ...       (replaced during mkimage)
+## FSFLAGS:     noatime,...                              (replaced during mkimage)
+# Optional parameters:     cdroot=/dev/xxx, debug, readonly,
+#                          gentoo={root,nox,nosettings,i2p}
 # Available splash themes: liberte, liberty, silent
 
 DEFAULT liberte
@@ -26,7 +27,7 @@ LABEL liberte
     TEXT HELP
 Select for normal boot with modern video cards.
 In splash screen, press F2 for verbose mode.
-Optional parameters: gentoo=i2p,nosettings,root, cdroot=/dev/xxx
+Optional parameters: gentoo=nosettings,i2p,root, readonly, cdroot=/dev/xxx
     ENDTEXT
 
 # nomodeset: KMS is incompatible with framebuffer
@@ -38,7 +39,7 @@ LABEL nokms
     TEXT HELP
 Select for normal boot with VESA framebuffer and no kernel mode-setting.
 In splash screen, press F2 for verbose mode.
-Optional parameters: gentoo=i2p,nosettings,root, cdroot=/dev/xxx
+Optional parameters: gentoo=nosettings,i2p,root, readonly, cdroot=/dev/xxx
     ENDTEXT
 
 # nomodeset: KMS is problematic with console screen blanking

src/root/initrd/init

@@ -128,21 +128,21 @@ while true; do
 
                 # Unless the media is already in ro mode, write-protect it during mount
                 mediaro=`blockdev --getro ${mediadev} 2>/dev/null` || mediaro=1
-                [ ${mediaro} == 1 ] || blockdev --setro ${mediadev}
+                [ ${mediaro} = 1 ] || blockdev --setro ${mediadev}
 
                 if mount -r -t ${param_cdroot_type} -o ${param_cdroot_flags} ${mediadev} ${sboot} >/dev/null 2>&1; then
                     # Check for the recognition file
                     if [ -e ${sboot}${param_loop} ]; then
                         good_msg "Media found on ${mediadev}"
 
-                        [ ${mediaro} == 1 ] || blockdev --setrw ${mediadev}
+                        [ ${mediaro} = 1 -o -n "${param_readonly}" ] || blockdev --setrw ${mediadev}
                         break 2
                     else
                         umount ${sboot}
                     fi
                 fi
 
-                [ ${mediaro} == 1 ] || blockdev --setrw ${mediadev}
+                [ ${mediaro} = 1 ] || blockdev --setrw ${mediadev}
                 waitmsg=1
             fi
         fi