Igor Stoppa posted a patch to allow kernel memory
pools to be made read-only.
Memory pools are a standard way to group memory allocations in Linux so their time
cost is more predictable. With Igor's patch, once a memory pool was made read-only,
it could not be made read-write again. This would permanently secure the data
against attackers. Of course, you could free the memory and destroy the pool. But
short of that, the data would stay read-only.
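
The one-way lifecycle described above, sketched in user space with mmap() and mprotect(). This is an added example, not code from Igor's patch or the kernel; the `ro_pool_*` names and the bump allocator are hypothetical.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical user-space pool; illustrative names, not the patch's API. */
struct ro_pool { unsigned char *base; size_t size, used; int sealed; };

/* Map a page-aligned, writable region to carve allocations from. */
int ro_pool_create(struct ro_pool *p, size_t size) {
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    p->size = (size + pg - 1) / pg * pg; p->used = 0; p->sealed = 0;
    p->base = mmap(NULL, p->size, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p->base == MAP_FAILED ? -1 : 0;
}
/* Bump allocator; refuses new allocations once the pool is sealed. */
void *ro_pool_alloc(struct ro_pool *p, size_t n) {
    n = (n + 15) & ~(size_t)15;
    if (p->sealed || n > p->size - p->used) return NULL;
    p->used += n;
    return p->base + p->used - n;
}
/* One-way transition: there is deliberately no function that undoes it. */
int ro_pool_seal(struct ro_pool *p) {
    p->sealed = 1;                       /* fail closed for the allocator */
    return mprotect(p->base, p->size, PROT_READ);
}
/* The only way out: unmap everything, destroying the data with the pool. */
int ro_pool_destroy(struct ro_pool *p) { return munmap(p->base, p->size); }

/* Try a write in a child process; returns the signal that killed it, or 0. */
int ro_pool_write_signal(int *target, int value) {
    int status = 0;
    pid_t pid = fork();
    if (pid == 0) { *(volatile int *)target = value; _exit(0); }
    if (pid < 0 || waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void) {
    struct ro_pool p;
    if (ro_pool_create(&p, 4096) != 0) return 1;
    int *v = ro_pool_alloc(&p, sizeof *v);
    *v = 42;                             /* initialise while still writable */
    ro_pool_seal(&p);
    int sig = ro_pool_write_signal(v, 7); /* the write faults in the child */
    ro_pool_destroy(&p);
    return sig == SIGSEGV ? 0 : 1;
}
```

Unlike the kernel pool described above, a user-space process can call mprotect() again to restore write access, so this shows the lifecycle rather than the same guarantee.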