From 793ee786cdc2a7e1a19856e63659cffe84689f16 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Herm=C3=A8s=20B=C3=A9lusca-Ma=C3=AFto?=
Date: Thu, 14 Dec 2023 22:15:58 +0100
Subject: [PATCH] [NTOS:CM] Initially start the registry in read-only mode. Disable registry hive writes, until the IO subsystem is initialized and disk access is enabled (when the SM signals so after AUTOCHK).
---
 ntoskrnl/config/cmsysini.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/ntoskrnl/config/cmsysini.c b/ntoskrnl/config/cmsysini.c
index 48bb2c1a3de..50283132745 100644
--- a/ntoskrnl/config/cmsysini.c
+++ b/ntoskrnl/config/cmsysini.c
@@ -24,7 +24,11 @@ PEPROCESS CmpSystemProcess;
 PVOID CmpRegistryLockCallerCaller, CmpRegistryLockCaller;
 BOOLEAN CmpFlushOnLockRelease;
 BOOLEAN CmpSpecialBootCondition;
-BOOLEAN CmpNoWrite;
+
+/* Disable registry hive writes, until the IO subsystem is initialized
+ * and disk access is enabled (when the SM signals so after AUTOCHK) */
+BOOLEAN CmpNoWrite = TRUE;
+
 BOOLEAN CmpWasSetupBoot;
 BOOLEAN CmpProfileLoaded;
 BOOLEAN CmpNoVolatileCreates;
@@ -1469,9 +1473,10 @@ CmpInitializeHiveList(VOID)
 ULONG i;
 USHORT RegStart;
 PSECURITY_DESCRIPTOR SecurityDescriptor;
+ PAGED_CODE();
- /* Allow writing for now */
+ /* Reenable hive writes now */
 CmpNoWrite = FALSE;
 /* Build the file name and registry name strings */
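Review bot: The comment added above `BOOLEAN CmpNoWrite = TRUE;` (first hunk) says when writes become legal but not where the flag is cleared. The only reset visible in this patch is `CmpNoWrite = FALSE;` in CmpInitializeHiveList, more than a thousand lines further down, so I would end the comment with a pointer such as `Cleared in CmpInitializeHiveList().` The code that reads the flag is outside this diff, so it is not visible whether a flush requested while the flag is TRUE fails with a status or is skipped silently. If it is skipped, early-boot changes live only in memory until the first flush after the reset, and the comment should say so for anyone who expects that state to survive a crash.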
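Review bot: The reset `CmpNoWrite = FALSE;` in CmpInitializeHiveList (second hunk) is unconditional, so the guarantee in the commit message (no hive writes before disk access is enabled) rests entirely on this function not being called earlier; nothing in the visible lines checks that. The new comment should state the precondition rather than only the action, e.g. `/* Disk access is enabled at this point (SM has signalled after AUTOCHK): re-enable hive writes */`. If no other path is expected to clear the flag first, `ASSERT(CmpNoWrite);` just before the assignment would pin this as the single transition point; that expectation needs confirming against the rest of the file. The function body continues outside the hunk.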