Hi, moving from misc@ to tech@ because you found a documentation bug.
Any OKs for the patch below? Ingo Nan Xiao wrote on Tue, Sep 12, 2017 at 08:58:25AM +0800: > I want to run dmidecode (https://github.com/mirror/dmidecode) on > OpenBSD 6.1, but executing it will report following errors: > > # ./dmidecode > # dmidecode 3.1 > Scanning /dev/mem for entry point. > /dev/mem: Operation not permitted > > After single-step debugging, I find the error is from open /dev/mem: > > if ((fd = open(filename, O_RDONLY)) == -1) > { > if (errno != ENOENT) > perror(filename); > return NULL; > } > > I execute program as a root, and the attributes of `/dev/mem`: > > # ls -lt /dev/mem > crw-r----- 1 root kmem 2, 0 Aug 25 18:38 /dev/mem Index: lib/libc/gen/sysctl.3 =================================================================== RCS file: /cvs/src/lib/libc/gen/sysctl.3,v retrieving revision 1.282 diff -u -p -r1.282 sysctl.3 --- lib/libc/gen/sysctl.3 10 Sep 2017 11:30:43 -0000 1.282 +++ lib/libc/gen/sysctl.3 12 Sep 2017 01:59:54 -0000 @@ -484,6 +484,8 @@ information. .Bl -tag -width "123456" .It Dv KERN_ALLOWKMEM Pq Va kern.allowkmem Allow userland processes access to +.Pa /dev/mem +and .Pa /dev/kmem . When running with a .Xr securelevel 7 Index: share/man/man7/securelevel.7 =================================================================== RCS file: /cvs/src/share/man/man7/securelevel.7,v retrieving revision 1.29 diff -u -p -r1.29 securelevel.7 --- share/man/man7/securelevel.7 28 Sep 2016 17:58:17 -0000 1.29 +++ share/man/man7/securelevel.7 12 Sep 2017 01:59:54 -0000 @@ -66,7 +66,7 @@ securelevel may no longer be lowered exc .Pa /dev/mem and .Pa /dev/kmem -may not be written to +cannot be opened .It raw disk devices of mounted file systems are read-only .It Index: share/man/man4/man4.alpha/mem.4 =================================================================== RCS file: /cvs/src/share/man/man4/man4.alpha/mem.4,v retrieving revision 1.4 diff -u -p -r1.4 mem.4 --- share/man/man4/man4.alpha/mem.4 31 May 2007 19:19:53 -0000 1.4 +++ share/man/man4/man4.alpha/mem.4 12 Sep 2017 01:59:54 -0000 @@ -56,15 +56,18 @@ Kernel virtual memory is accessed via th in the same manner as .Pa /dev/mem . Only kernel virtual addresses that are currently mapped to memory are allowed. -.Sh ALPHA -On the -.Tn alpha , -physical memory may be discontiguous; +.Pp +On the alpha, physical memory may be discontiguous; kernel virtual memory begins at .Li 0xfffffc0000230000 . .Pp -Writeability of these devices is controlled by the system -.Xr securelevel 7 . +Even with sufficient file system permissions, +these devices can only be opened when the +.Xr securelevel 7 +is insecure or when the +.Va kern.allowkmem +.Xr sysctl 3 +variable is set. .Sh FILES .Bl -tag -width /dev/kmem -compact .It /dev/mem Index: share/man/man4/man4.amd64/mem.4 =================================================================== RCS file: /cvs/src/share/man/man4/man4.amd64/mem.4,v retrieving revision 1.3 diff -u -p -r1.3 mem.4 --- share/man/man4/man4.amd64/mem.4 31 May 2007 19:19:53 -0000 1.3 +++ share/man/man4/man4.amd64/mem.4 12 Sep 2017 01:59:54 -0000 @@ -62,8 +62,13 @@ to The kernel virtual memory begins at address .Li 0xffffffff80000000 . .Pp -Writeability of these devices is controlled by the system -.Xr securelevel 7 . +Even with sufficient file system permissions, +these devices can only be opened when the +.Xr securelevel 7 +is insecure or when the +.Va kern.allowkmem +.Xr sysctl 3 +variable is set. .Sh FILES .Bl -tag -width Pa -compact .It Pa /dev/mem Index: share/man/man4/man4.hppa/mem.4 =================================================================== RCS file: /cvs/src/share/man/man4/man4.hppa/mem.4,v retrieving revision 1.2 diff -u -p -r1.2 mem.4 --- share/man/man4/man4.hppa/mem.4 31 May 2007 19:19:54 -0000 1.2 +++ share/man/man4/man4.hppa/mem.4 12 Sep 2017 01:59:54 -0000 @@ -50,13 +50,13 @@ Access to kernel virtual addresses not c On hppa, the physical memory range is always contiguous and starts at address 0; kernel virtual memory begins at address 0 as well. .Pp -The writeability of the -.Pa /dev/mem -and -.Pa /dev/kmem -special files are controlled by the system -.Xr securelevel 7 , -in addition to the filesystem permissions. +Even with sufficient file system permissions, +these devices can only be opened when the +.Xr securelevel 7 +is insecure or when the +.Va kern.allowkmem +.Xr sysctl 3 +variable is set. .Sh FILES .Bl -tag -width /dev/kmem -compact .It Pa /dev/mem Index: share/man/man4/man4.i386/mem.4 =================================================================== RCS file: /cvs/src/share/man/man4/man4.i386/mem.4,v retrieving revision 1.9 diff -u -p -r1.9 mem.4 --- share/man/man4/man4.i386/mem.4 31 May 2007 19:19:55 -0000 1.9 +++ share/man/man4/man4.i386/mem.4 12 Sep 2017 01:59:54 -0000 @@ -62,8 +62,13 @@ The per-process data size for the curren long, and ends at virtual address .Li 0xfe000000 . .Pp -Writeability of these devices is controlled by the system -.Xr securelevel 7 . +Even with sufficient file system permissions, +these devices can only be opened when the +.Xr securelevel 7 +is insecure or when the +.Va kern.allowkmem +.Xr sysctl 3 +variable is set. .Sh FILES .Bl -tag -width Pa -compact .It Pa /dev/mem Index: share/man/man4/man4.landisk/mem.4 =================================================================== RCS file: /cvs/src/share/man/man4/man4.landisk/mem.4,v retrieving revision 1.2 diff -u -p -r1.2 mem.4 --- share/man/man4/man4.landisk/mem.4 31 May 2007 19:19:55 -0000 1.2 +++ share/man/man4/man4.landisk/mem.4 12 Sep 2017 01:59:54 -0000 @@ -57,8 +57,13 @@ On landisk, physical memory is contiguou The kernel virtual memory begins at address .Li 0xc0000000 . .Pp -Writeability of these devices is controlled by the system -.Xr securelevel 7 . +Even with sufficient file system permissions, +these devices can only be opened when the +.Xr securelevel 7 +is insecure or when the +.Va kern.allowkmem +.Xr sysctl 3 +variable is set. .Sh FILES .Bl -tag -width Pa -compact .It Pa /dev/mem Index: share/man/man4/man4.loongson/mem.4 =================================================================== RCS file: /cvs/src/share/man/man4/man4.loongson/mem.4,v retrieving revision 1.2 diff -u -p -r1.2 mem.4 --- share/man/man4/man4.loongson/mem.4 10 Feb 2010 08:35:31 -0000 1.2 +++ share/man/man4/man4.loongson/mem.4 12 Sep 2017 01:59:54 -0000 @@ -87,8 +87,13 @@ address range. The kernel virtual memory begins at address .Ad 0xc000000000000000 . .Pp -Writeability of these devices is controlled by the system -.Xr securelevel 7 . +Even with sufficient file system permissions, +these devices can only be opened when the +.Xr securelevel 7 +is insecure or when the +.Va kern.allowkmem +.Xr sysctl 3 +variable is set. .Sh FILES .Bl -tag -width Pa -compact .It Pa /dev/mem Index: share/man/man4/man4.luna88k/mem.4 =================================================================== RCS file: /cvs/src/share/man/man4/man4.luna88k/mem.4,v retrieving revision 1.2 diff -u -p -r1.2 mem.4 --- share/man/man4/man4.luna88k/mem.4 31 May 2007 19:19:55 -0000 1.2 +++ share/man/man4/man4.luna88k/mem.4 12 Sep 2017 01:59:54 -0000 @@ -61,8 +61,13 @@ On the luna88k, physical memory is alway kernel virtual memory begins at .Ad 0x00000000 . .Pp -Writeability of these devices is controlled by the system -.Xr securelevel 7 . +Even with sufficient file system permissions, +these devices can only be opened when the +.Xr securelevel 7 +is insecure or when the +.Va kern.allowkmem +.Xr sysctl 3 +variable is set. .Sh FILES .Bl -tag -width /dev/kmem -compact .It Pa /dev/mem Index: share/man/man4/man4.macppc/mem.4 =================================================================== RCS file: /cvs/src/share/man/man4/man4.macppc/mem.4,v retrieving revision 1.5 diff -u -p -r1.5 mem.4 --- share/man/man4/man4.macppc/mem.4 31 May 2007 19:19:55 -0000 1.5 +++ share/man/man4/man4.macppc/mem.4 12 Sep 2017 01:59:54 -0000 @@ -57,14 +57,17 @@ in the same manner as .Pa /dev/mem . Only kernel virtual addresses that are currently mapped to memory are allowed. .Pp -On the -.Tn Macintosh , -physical memory may be discontiguous; +On the Macintosh, physical memory may be discontiguous; kernel virtual memory begins at .Ad 0x00000000 . .Pp -Writeability of these devices is controlled by the system -.Xr securelevel 7 . +Even with sufficient file system permissions, +these devices can only be opened when the +.Xr securelevel 7 +is insecure or when the +.Va kern.allowkmem +.Xr sysctl 3 +variable is set. .Sh FILES .Bl -tag -width /dev/kmem -compact .It /dev/mem Index: share/man/man4/man4.socppc/mem.4 =================================================================== RCS file: /cvs/src/share/man/man4/man4.socppc/mem.4,v retrieving revision 1.1 diff -u -p -r1.1 mem.4 --- share/man/man4/man4.socppc/mem.4 14 May 2008 21:08:09 -0000 1.1 +++ share/man/man4/man4.socppc/mem.4 12 Sep 2017 01:59:54 -0000 @@ -61,8 +61,13 @@ On this platform, physical memory is alw kernel virtual memory begins at .Ad 0x00000000 . .Pp -Writeability of these devices is controlled by the system -.Xr securelevel 7 . +Even with sufficient file system permissions, +these devices can only be opened when the +.Xr securelevel 7 +is insecure or when the +.Va kern.allowkmem +.Xr sysctl 3 +variable is set. .Sh FILES .Bl -tag -width /dev/kmem -compact .It /dev/mem Index: share/man/man4/man4.sparc64/mem.4 =================================================================== RCS file: /cvs/src/share/man/man4/man4.sparc64/mem.4,v retrieving revision 1.4 diff -u -p -r1.4 mem.4 --- share/man/man4/man4.sparc64/mem.4 31 May 2007 19:19:57 -0000 1.4 +++ share/man/man4/man4.sparc64/mem.4 12 Sep 2017 01:59:54 -0000 @@ -56,15 +56,20 @@ Kernel virtual memory is accessed via th in the same manner as .Pa /dev/mem . Only kernel virtual addresses that are currently mapped to memory are allowed. -.Sh SPARC64 +.Pp On the sparc64, physical memory may be discontiguous; kernel virtual memory begins at .Li 0x001000000 . .Pp -Writeability of these devices is controlled by the system -.Xr securelevel 7 . +Even with sufficient file system permissions, +these devices can only be opened when the +.Xr securelevel 7 +is insecure or when the +.Va kern.allowkmem +.Xr sysctl 3 +variable is set. .Sh FILES .Bl -tag -width /dev/kmem -compact .It /dev/mem