Post-init read-only memory

To oops or not to oops is a policy question, right? Aren't LSMs the vector for making and enforcing security-related policy decisions? So trigger a LSM hook and let that policy make the proper decision for that organization/system/cluster/server/toaster. That allows the most flexibility, including the possibility of simultaneously using all 3 proposed actions (oops, relocate and write, and silently drop) customized for each module.