author deraadt <deraadt@openbsd.org> 2016-09-25 15:23:36 +0000
committer deraadt <deraadt@openbsd.org> 2016-09-25 15:23:36 +0000
commit 19aedf236181e81baf170421900911c82671fae4
tree dc5c83dfa6b2e64cd1504fb28d9fef4a7a55f08d /usr.sbin
parent Remove more duplicated includes
Make a move towards ending 4 decades of kernel snooping.
Add sysctl kern.allowkmem (default 0) which controls the ability to open /dev/mem or /dev/kmem at securelevel > 0. Over 15 years we converted 99% of utilities in the tree to operate on sysctl-nodes (either by themselves or via code hiding in the guts of -lkvm). pstat -d and -v & procmap are affected and continued use of them will require kern.allowkmem=1 in /etc/sysctl.conf. acpidump (and its buddy sendbug) are affected, but we'll work out a solution soon. There will be some impact in ports.
ok kettenis guenther
Diffstat (limited to 'usr.sbin')
-rw-r--r-- usr.sbin/acpidump/acpidump.8 | 11
-rw-r--r-- usr.sbin/procmap/procmap.1 | 11
-rw-r--r-- usr.sbin/pstat/pstat.8 | 20
3 files changed, 36 insertions, 6 deletions
diff --git a/usr.sbin/acpidump/acpidump.8 b/usr.sbin/acpidump/acpidump.8
index 650c683acd1..ff8747898a2 100644
--- a/usr.sbin/acpidump/acpidump.8
+++ b/usr.sbin/acpidump/acpidump.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: acpidump.8,v 1.15 2014/03/13 21:14:08 brynet Exp $
+.\" $OpenBSD: acpidump.8,v 1.16 2016/09/25 15:23:37 deraadt Exp $
.\"
.\" Copyright (c) 1999 Doug Rabson <dfr@FreeBSD.org>
.\" Copyright (c) 2000 Mitsuru IWASAKI <iwasaki@FreeBSD.org>
@@ -29,7 +29,7 @@
.\"
.\" $FreeBSD: src/usr.sbin/acpi/acpidump/acpidump.8,v 1.9 2001/09/05 19:21:25 dd Exp $
.\"
-.Dd $Mdocdate: March 13 2014 $
+.Dd $Mdocdate: September 25 2016 $
.Dt ACPIDUMP 8
.Os
.Sh NAME
@@ -60,6 +60,13 @@ ports tree or package system:
# pkg_add acpica
$ iasl -d <prefix>.<sig>.<id>
.Ed
+.Pp
+.Nm
+requires the ability to open
+.Pa /dev/kmem
+which may be restricted based upon the value of the
+.Ar kern.allowkmem
+.Xr sysctl 8 .
.Sh FILES
.Bl -tag -width /dev/mem
.It Pa /dev/mem
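Review bot: the added paragraph names only `.Pa /dev/kmem`, while the FILES list that follows it in this hunk opens with `.It Pa /dev/mem`, and the commit message says kern.allowkmem controls opening either device. Name the device acpidump actually opens (or both) so the restriction text and FILES agree. It would also help to state the default of 0 given in the commit message, since "may be restricted" does not tell the reader that the restricted case is the default one.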
diff --git a/usr.sbin/procmap/procmap.1 b/usr.sbin/procmap/procmap.1
index 850fb50be0a..c1edf188f83 100644
--- a/usr.sbin/procmap/procmap.1
+++ b/usr.sbin/procmap/procmap.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: procmap.1,v 1.21 2016/05/26 17:23:49 stefan Exp $
+.\" $OpenBSD: procmap.1,v 1.22 2016/09/25 15:23:37 deraadt Exp $
.\" $NetBSD: pmap.1,v 1.6 2003/01/19 21:25:43 atatat Exp $
.\"
.\" Copyright (c) 2002 The NetBSD Foundation, Inc.
@@ -28,7 +28,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: May 26 2016 $
+.Dd $Mdocdate: September 25 2016 $
.Dt PROCMAP 1
.Os
.Sh NAME
@@ -53,6 +53,13 @@ address, the underlying file's device and inode numbers, and various
protection information will be displayed, along with the path to the
file, if such data is available.
.Pp
+.Nm
+requires the ability to open
+.Pa /dev/kmem
+which may be restricted based upon the value of the
+.Ar kern.allowkmem
+.Xr sysctl 8 .
+.Pp
By default,
.Nm
displays information for its parent process, so that when run from a
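Review bot: "may be restricted based upon the value of" in the added paragraph leaves out the condition and the remedy, both of which are in the commit message: the restriction applies at securelevel > 0 with kern.allowkmem at its default of 0, and continued use needs kern.allowkmem=1 in /etc/sysctl.conf. Say that here so the reader knows what to change. The paragraph is also inserted between the description of the displayed fields and the "By default," paragraph that continues it; placing it after that text would keep the description together.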
diff --git a/usr.sbin/pstat/pstat.8 b/usr.sbin/pstat/pstat.8
index f0ed5fc1403..627ff32a8b4 100644
--- a/usr.sbin/pstat/pstat.8
+++ b/usr.sbin/pstat/pstat.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: pstat.8,v 1.50 2016/06/03 20:38:48 deraadt Exp $
+.\" $OpenBSD: pstat.8,v 1.51 2016/09/25 15:23:37 deraadt Exp $
.\" $NetBSD: pstat.8,v 1.9.4.1 1996/06/02 09:08:17 mrg Exp $
.\"
.\" Copyright (c) 1980, 1991, 1993, 1994
@@ -30,7 +30,7 @@
.\"
.\" from: @(#)pstat.8 8.4 (Berkeley) 4/19/94
.\"
-.Dd $Mdocdate: June 3 2016 $
+.Dd $Mdocdate: September 25 2016 $
.Dt PSTAT 8
.Os
.Sh NAME
@@ -72,6 +72,14 @@ or
.Ar llx .
Symbol names are read from the remaining command line arguments.
Addresses may also be specified in hex.
+.Pp
+The
+.Fl d
+option requires the ability to open
+.Pa /dev/kmem
+which may be restricted based upon the value of the
+.Ar kern.allowkmem
+.Xr sysctl 8 .
.It Fl f
Print the open file table with these headings:
.Bl -tag -width indent
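Review bot: `.Ar kern.allowkmem` in the added `.Fl d` paragraph marks a sysctl variable with the command-argument macro; `.Va kern.allowkmem` is the mdoc macro for a variable name and would render and index it as one. The same line appears in the other paragraphs this commit adds. A comma before "which may be restricted" would also make the sentence read as intended.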
@@ -335,6 +343,14 @@ special file times changed
Number of bytes in an ordinary file, or
major and minor device of special file.
.El
+.Pp
+The
+.Fl v
+option requires the ability to open
+.Pa /dev/kmem
+which may be restricted based upon the value of the
+.Ar kern.allowkmem
+.Xr sysctl 8 .
.El
.Sh ENVIRONMENT
.Bl -tag -width BLOCKSIZE
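Review bot: the `.Fl v` paragraph here repeats the `.Fl d` paragraph added earlier in this file word for word, differing only in the flag. One statement covering both options (for example in a single paragraph that names `.Fl d` and `.Fl v` together) would avoid the two copies drifting apart when the wording is later revised.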