libcapsicum: cache more time zone information

The functions like gmtime(3) expect to cache a GMT time zone. Some
sandboxed programs (like last(1)) use the gmtime(3) function.
In case of last(1), this function fails to load a proper time zone
because it is called after entering the capability mode.

_open () at _open.S:4
0x00000008011bc5a8 in tzloadbody (name=0x8018b9580 "/usr/share/zoneinfo/Etc/UTC", sp=0x801870140,
tzload (name=<optimized out>, sp=0x801870140, doextend=true)
0x00000008011bb8ba in gmtload (sp=0x801870140) at /usr/src/contrib/tzcode/localtime.c:1456
gmtcheck () at /usr/src/contrib/tzcode/localtime.c:1581
0x000000080111f85a in _libc_once (once_control=0x80127c550, init_routine=0x0)
_once (once_control=0x80127c550, init_routine=0x0) at /usr/src/lib/libc/gen/_once_stub.c:63
0x00000008011bb9d0 in gmtime_r (timep=0x7fffffffe3a8, tmp=0x80127c568)
gmtime (timep=timep@entry=0x7fffffffe3a8) at /usr/src/contrib/tzcode/localtime.c:1865
0x0000000001024cd4 in printentry (bp=bp@entry=0x8018b4800, tt=tt@entry=0x80186a0a0)
0x00000000010245ae in doentry (bp=0x8018b4800)
0x00000000010243a7 in main (argc=1, argv=<optimized out>)

This time zone is not loaded by the tzset(3) function. Because of
that, extend the caph_cache_tzdata(3) function to also include the
GMT time zone. There is no other way to cache this data than
calling gmtime(3) once.

MFC after:	5 days
Reviewed by:	emaste, markj
Differential Revision:	https://reviews.freebsd.org/D45297

(cherry picked from commit e24ff5c99b)
This commit is contained in:
Mariusz Zaborski 2024-05-27 13:17:03 +02:00
parent 7fa105d91f
commit c7bb7a2333

View File

@ -133,8 +133,17 @@ caph_limit_stdio(void)
static __inline void
caph_cache_tzdata(void)
{
time_t delta;
tzset();
/*
* The tzset() function does not cache all time zones.
* Some functions, such as gmtime(), require a GMT time zone.
* The only way to cache them is to call the function directly.
*/
delta = 0;
(void)gmtime(&delta);
}
static __inline void