sysctl(2): add kern.utc_offset: successor to the DST/TIMEZONE options(4)

The DST and TIMEZONE options(4) are incompatible with KARL, so we need
some other way to compensate for an RTC running with a known offset.

Enter kern.utc_offset, an offset in minutes East of UTC.  TIMEZONE has
always been minutes West, but this is inconsistent with how everyone
else talks about timezones, hence the flip.

TIMEZONE has the advantage of being compiled into the binary.  Our new
sysctl(2) has no such luck, so it needs to be set as early as possible
in boot, from sysctl.conf(5), so we can correct the kernel clock from
the RTC's local time to UTC before daemons like ntpd(8) and cron(8)
start.  To encourage this, kern.utc_offset is made immutable after the
securelevel(7) is raised to 1.

Prompted by yasuoka@.  Discussed with deraadt@, kettenis@, yasuoka@.
Additional testing by yasuoka@.

ok deraadt@, yasuoka@

1 files changed, 3 insertions, 2 deletions

diff --git a/share/man/man7/securelevel.7 b/share/man/man7/securelevel.7
index eff3ceba45d..9381529baec 100644
--- a/share/man/man7/securelevel.7
+++ b/share/man/man7/securelevel.7
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: securelevel.7,v 1.30 2017/09/12 02:22:15 schwarze Exp $
+.\"     $OpenBSD: securelevel.7,v 1.31 2019/08/21 20:44:09 cheloha Exp $
 .\"
 .\" Copyright (c) 2000 Hugh Graham
 .\"
@@ -23,7 +23,7 @@
 .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 12 2017 $
+.Dd $Mdocdate: August 21 2019 $
 .Dt SECURELEVEL 7
 .Os
 .Sh NAME
@@ -76,6 +76,7 @@ the
 .Va fs.posix.setuid ,
 .Va hw.allowpowerdown ,
 .Va kern.allowkmem ,
+.Va kern.utc_offset ,
 .Va net.inet.ip.sourceroute ,
 and
 .Va machdep.kbdreset