diff --git a/share/man/man4/md.4 b/share/man/man4/md.4 index f13aa4d2f676..ec734a913c1c 100644 --- a/share/man/man4/md.4 +++ b/share/man/man4/md.4 @@ -7,7 +7,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 5, 2017 +.Dd December 7, 2017 .Dt MD 4 .Os .Sh NAME @@ -79,7 +79,8 @@ To create a kernel with a ramdisk or MD file system, your kernel config needs the following options: .Bd -literal -offset indent options MD_ROOT # MD is a potential root device -options MD_ROOT_SIZE=8192 # 8MB ram disk +options MD_ROOT_READONLY # disallow mounting root writeable +options MD_ROOT_SIZE=8192 # 8MB ram disk makeoptions MFS_IMAGE=/h/foo/ARM-MD options ROOTDEVNAME=\\"ufs:md0\\" .Ed diff --git a/sys/conf/NOTES b/sys/conf/NOTES index be9572b5ee59..9d1ec64895b4 100644 --- a/sys/conf/NOTES +++ b/sys/conf/NOTES @@ -1101,6 +1101,9 @@ options MD_ROOT_SIZE=10 # images of type mfs_root or md_root. options MD_ROOT +# Write-protect the md root device so that it may not be mounted writeable. +options MD_ROOT_READONLY + # Disk quotas are supported when this option is enabled. options QUOTA #enable disk quotas diff --git a/sys/conf/options b/sys/conf/options index 6c1099243420..b83926f18a98 100644 --- a/sys/conf/options +++ b/sys/conf/options @@ -165,6 +165,7 @@ MAC_STUB opt_dontuse.h MAC_TEST opt_dontuse.h MD_ROOT opt_md.h MD_ROOT_FSTYPE opt_md.h +MD_ROOT_READONLY opt_md.h MD_ROOT_SIZE opt_md.h MFI_DEBUG opt_mfi.h MFI_DECODE_LOG opt_mfi.h diff --git a/sys/dev/md/md.c b/sys/dev/md/md.c index ee76b4f54ba7..3c4075094a19 100644 --- a/sys/dev/md/md.c +++ b/sys/dev/md/md.c @@ -1791,9 +1791,15 @@ md_preloaded(u_char *image, size_t length, const char *name) sc->start = mdstart_preload; if (name != NULL) strlcpy(sc->file, name, sizeof(sc->file)); -#if defined(MD_ROOT) && !defined(ROOTDEVNAME) - if (sc->unit == 0) +#ifdef MD_ROOT + if (sc->unit == 0) { +#ifndef ROOTDEVNAME rootdevnames[0] = MD_ROOT_FSTYPE ":/dev/md0"; +#endif +#ifdef MD_ROOT_READONLY + sc->flags |= MD_READONLY; +#endif + } #endif mdinit(sc); if (name != NULL) {