Since I'm receiving various private queries about documenting the new kern.video.record sysctl(2) variable, I send the diff I've created already for the man page updates here.
OK? (I'm happy if others want to do improvements afterwards in-tree) Index: share/man/man4/video.4 =================================================================== RCS file: /cvs/src/share/man/man4/video.4,v retrieving revision 1.18 diff -u -p -u -p -r1.18 video.4 --- share/man/man4/video.4 31 Jul 2020 18:17:17 -0000 1.18 +++ share/man/man4/video.4 28 Dec 2020 20:09:50 -0000 @@ -40,6 +40,16 @@ Therefore this document mainly describes which are supported by the .Nm driver. +.Pp +For security reasons video recording is disabled by default. +To achieve this, the +.Nm +driver will blank the image data received from the underlying video hardware +driver. +The superuser can change this behavior by the +.Va kern.video.record +.Xr sysctl 2 +variable. .Sh IOCTLS The following .Xr ioctl 2 Index: share/man/man8/afterboot.8 =================================================================== RCS file: /cvs/src/share/man/man8/afterboot.8,v retrieving revision 1.167 diff -u -p -u -p -r1.167 afterboot.8 --- share/man/man8/afterboot.8 23 Oct 2020 20:37:45 -0000 1.167 +++ share/man/man8/afterboot.8 28 Dec 2020 20:09:50 -0000 @@ -414,6 +414,14 @@ Normal audio recording can be enabled by .Xr sysctl.conf 5 : .Pp .Dl kern.audio.record=1 +.Ss Video recording +The +.Xr video 4 +driver by default records only blanked images. +Normal video recording can be enabled by adding the following directive to +.Xr sysctl.conf 5 : +.Pp +.Dl kern.video.record=1 .Ss Mail aliases Edit .Pa /etc/mail/aliases Index: lib/libc/sys/sysctl.2 =================================================================== RCS file: /cvs/src/lib/libc/sys/sysctl.2,v retrieving revision 1.41 diff -u -p -u -p -r1.41 sysctl.2 --- lib/libc/sys/sysctl.2 4 Aug 2020 09:32:05 -0000 1.41 +++ lib/libc/sys/sysctl.2 28 Dec 2020 20:09:50 -0000 @@ -491,6 +491,7 @@ information. .It Dv KERN_TTYCOUNT Ta "integer" Ta "no" .It Dv KERN_UTC_OFFSET Ta "integer" Ta "yes" .It Dv KERN_VERSION Ta "string" Ta "no" +.It Dv KERN_VIDEO Ta "node" Ta "yes" .It Dv KERN_WATCHDOG Ta "node" Ta "not applicable" .It Dv KERN_WITNESS Ta "node" Ta "not applicable" .It Dv KERN_WXABORT Ta "integer" Ta "yes" @@ -1104,6 +1105,23 @@ greater than 0, this variable may not be changed. .It Dv KERN_VERSION Pq Va kern.version The system version string. +.It Dv KERN_VIDEO Pq Va kern.video +Control device-independent aspects of the +.Xr video 4 +subsystem. +Currently, there is one subnode: +.Bl -column "KERN_VIDEO_RECORD" "integer" "Changeable" -offset indent +.It Sy "Third level name" Ta Sy "Type" Ta Sy "Changeable" +.It Dv KERN_VIDEO_RECORD Ta "integer" Ta "yes" +.El +.Pp +Its meaning is as follows: +.Bl -tag -width "123456" +.It Dv KERN_VIDEO_RECORD Pq Va kern.video.record +If set to the default value of 0, recording is disabled by default +for all video devices. +Otherwise, video recording is enabled by default. +.El .It Dv KERN_WATCHDOG Pq Va kern.watchdog Return information on hardware watchdog timers. If the kernel does not support a hardware watchdog timer,
