I have an embedded board which I am running Linux on it. Linux is booted via uboot. The full Linux image is build as Initramfs. When the system is booted I find that the root FS is read write. My understanding is that the Initramfs should be by default read only. Right?
I have tried to change boot parameter in uboot as well to have it read only, but it had no effect. I wonder what to do to make the Initramfs read only by default?
The full Linux image is build as Initramfs.
That's a poorly worded, if not inaccurate, description.
An initramfs uses a cpio archive file, which is not an image file.
The cpio archive file can be linked into the Linux kernel image.
An initramfs "image" is always a cpio archive file, and not a filesystem image.
My understanding is that the Initramfs should be by default read only. Right?
Wrong.
It makes no sense to mount the initramfs as a read-only filesystem.
When the initramfs is created and mounted, it's an empty filesystem.
If it was mounted read-only, then the initramfs could not be populated with its cpio archive, and the initramfs would remain an empty filesystem.
The suggestion to use a kernel command line parameter such as root=/dev/ram ro indicates a confusion between (deprecated) ramdisk and ramfs.
See Linux kernel Documentation/filesystems/ramfs-rootfs-initramfs.txt
I wonder what to do to make the Initramfs read only by default?
You can remount it to be read-only.
See http://lkml.iu.edu/hypermail/linux/kernel/0908.1/01693.html
and
https://serverfault.com/questions/463828/linux-initramfs-read-only