Disabling SELinux's runtime disable
Posted Apr 20, 2023 16:08 UTC (Thu) by qperret (subscriber, #117873)
Parent article: Disabling SELinux's runtime disable
Moving the function vectors to __ro_after_init could probably be done without disabling the entire feature by using a temporary writable alias (a fixmap?) when modifying them, similar to how e.g. the kernel patches its text. That way the window during which an attacker can use an OOB write (for example) to modify those structs will remain small, making exploitation much less practical. Not being familiar with all the history behind the change, I assume this type of approach has been discussed? Would anyone with enough background be able to share more details as to why this wasn't pursued?
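A user-space analogue of the temporary-writable-alias idea described above, added here as an example (it is not code from the kernel or from the commenter): the table lives in a read-only mapping, is patched only through a short-lived writable alias of the same backing memory, and a direct write through the read-only view is shown to fault. The struct layout, the handler values, the fixed 4096-byte page size and the /tmp backing file are all constructed assumptions.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>

/* Stand-in for a table of function vectors; values are constructed, not real addresses. */
struct hook_table { uintptr_t handler[4]; };
static const size_t PG = 4096;   /* assumption: one page holds the whole table */

/* Back the table with an unlinked temp file so the same memory can be mapped twice. */
static int create_backing(void) {
    char path[] = "/tmp/hooktbl-XXXXXX";            /* constructed path */
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);
    struct hook_table init = { { 0x1000, 0x2000, 0x3000, 0x4000 } };
    if (write(fd, &init, sizeof init) != (ssize_t)sizeof init) { close(fd); return -1; }
    return fd;
}

/* Patch one entry through a short-lived writable alias, then tear the alias down again. */
static int patch_via_alias(int fd, size_t idx, uintptr_t val) {
    struct hook_table *alias = mmap(NULL, PG, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    if (alias == MAP_FAILED) return -1;
    alias->handler[idx] = val;
    return munmap(alias, PG);    /* the writable window closes here */
}

static sigjmp_buf fault_env;
static void on_segv(int sig) { (void)sig; siglongjmp(fault_env, 1); }

/* Map the table read-only (the normal view), patch via the alias, read back through the RO
 * view, then confirm a direct RO write faults. Returns the patched value, or 0 on failure. */
uintptr_t demo_patch(size_t idx, uintptr_t val) {
    int fd = create_backing();
    if (fd < 0) return 0;
    volatile struct hook_table *ro = mmap(NULL, PG, PROT_READ, MAP_SHARED, fd, 0);
    if (ro == MAP_FAILED) { close(fd); return 0; }
    volatile uintptr_t seen = 0;
    if (patch_via_alias(fd, idx, val) == 0) seen = ro->handler[idx];
    struct sigaction sa = { .sa_handler = on_segv }, old;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(fault_env, 1) == 0) { ro->handler[idx] = 0xdead; seen = 0; } /* no fault: bad */
    sigaction(SIGSEGV, &old, NULL);
    munmap((void *)ro, PG); close(fd);
    return seen;
}
```

The kernel-side equivalent would map the alias in a fixmap slot for just the duration of the update, so the window in which an out-of-bounds write could land on a writable copy of the table is limited to that update rather than the whole uptime.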