17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5f48205beScasper * Common Development and Distribution License (the "License"). 6f48205beScasper * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*982b4ad2SCasper H.S. Dik * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate /* 277c478bd9Sstevel@tonic-gate * Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T 287c478bd9Sstevel@tonic-gate */ 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate #include <sys/param.h> 317c478bd9Sstevel@tonic-gate #include <sys/types.h> 327c478bd9Sstevel@tonic-gate #include <sys/sysmacros.h> 337c478bd9Sstevel@tonic-gate #include <sys/systm.h> 347c478bd9Sstevel@tonic-gate #include <sys/tuneable.h> 357c478bd9Sstevel@tonic-gate #include <sys/cred_impl.h> 367c478bd9Sstevel@tonic-gate #include <sys/errno.h> 377c478bd9Sstevel@tonic-gate #include <sys/proc.h> 387c478bd9Sstevel@tonic-gate #include <sys/signal.h> 397c478bd9Sstevel@tonic-gate #include <sys/debug.h> 407c478bd9Sstevel@tonic-gate #include <sys/policy.h> 417c478bd9Sstevel@tonic-gate #include <sys/zone.h> 42f48205beScasper #include <sys/sid.h> 437c478bd9Sstevel@tonic-gate 447c478bd9Sstevel@tonic-gate int 457c478bd9Sstevel@tonic-gate setuid(uid_t uid) 467c478bd9Sstevel@tonic-gate { 47f48205beScasper proc_t *p; 487c478bd9Sstevel@tonic-gate int error; 497c478bd9Sstevel@tonic-gate int do_nocd = 0; 507c478bd9Sstevel@tonic-gate int uidchge = 0; 517c478bd9Sstevel@tonic-gate cred_t *cr, *newcr; 527c478bd9Sstevel@tonic-gate uid_t oldruid = uid; 537c478bd9Sstevel@tonic-gate zoneid_t zoneid = getzoneid(); 54f48205beScasper ksid_t ksid, *ksp; 55bda89588Sjp151216 zone_t *zone = crgetzone(CRED()); 567c478bd9Sstevel@tonic-gate 57bda89588Sjp151216 if (!VALID_UID(uid, zone)) 587c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 597c478bd9Sstevel@tonic-gate 60f48205beScasper if (uid > MAXUID) { 61bda89588Sjp151216 if (ksid_lookupbyuid(zone, uid, &ksid) != 0) 62f48205beScasper return (set_errno(EINVAL)); 63f48205beScasper ksp = &ksid; 64f48205beScasper } else { 65f48205beScasper ksp = NULL; 66f48205beScasper } 677c478bd9Sstevel@tonic-gate /* 687c478bd9Sstevel@tonic-gate * Need to pre-allocate the new cred structure before grabbing 69ddf7fe95Scasper * the p_crlock mutex. We can't hold on to the p_crlock for most 70ddf7fe95Scasper * if this though, now that we allow kernel upcalls from the 71ddf7fe95Scasper * policy routines. 727c478bd9Sstevel@tonic-gate */ 73f48205beScasper newcr = cralloc_ksid(); 747c478bd9Sstevel@tonic-gate 757c478bd9Sstevel@tonic-gate p = ttoproc(curthread); 767c478bd9Sstevel@tonic-gate 777c478bd9Sstevel@tonic-gate retry: 787c478bd9Sstevel@tonic-gate mutex_enter(&p->p_crlock); 79ddf7fe95Scasper retry_locked: 807c478bd9Sstevel@tonic-gate cr = p->p_cred; 81ddf7fe95Scasper crhold(cr); 82ddf7fe95Scasper mutex_exit(&p->p_crlock); 837c478bd9Sstevel@tonic-gate 847c478bd9Sstevel@tonic-gate if ((uid == cr->cr_ruid || uid == cr->cr_suid) && 857c478bd9Sstevel@tonic-gate secpolicy_allow_setid(cr, uid, B_TRUE) != 0) { 86ddf7fe95Scasper mutex_enter(&p->p_crlock); 87ddf7fe95Scasper crfree(cr); 88ddf7fe95Scasper if (cr != p->p_cred) 89ddf7fe95Scasper goto retry_locked; 907c478bd9Sstevel@tonic-gate error = 0; 917c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 927c478bd9Sstevel@tonic-gate p->p_cred = newcr; 937c478bd9Sstevel@tonic-gate newcr->cr_uid = uid; 94f48205beScasper crsetsid(newcr, ksp, KSID_USER); 95ddf7fe95Scasper mutex_exit(&p->p_crlock); 967c478bd9Sstevel@tonic-gate } else if ((error = secpolicy_allow_setid(cr, uid, B_FALSE)) == 0) { 97ddf7fe95Scasper mutex_enter(&p->p_crlock); 98ddf7fe95Scasper crfree(cr); 99ddf7fe95Scasper if (cr != p->p_cred) 100ddf7fe95Scasper goto retry_locked; 1017c478bd9Sstevel@tonic-gate if (!uidchge && uid != cr->cr_ruid) { 1027c478bd9Sstevel@tonic-gate /* 1037c478bd9Sstevel@tonic-gate * The ruid of the process is going to change. In order 1047c478bd9Sstevel@tonic-gate * to avoid a race condition involving the 1057c478bd9Sstevel@tonic-gate * process-count associated with the newly given ruid, 1067c478bd9Sstevel@tonic-gate * we increment the count before assigning the 1077c478bd9Sstevel@tonic-gate * credential to the process. 1087c478bd9Sstevel@tonic-gate * To do that, we'll have to take pidlock, so we first 1097c478bd9Sstevel@tonic-gate * release p_crlock. 1107c478bd9Sstevel@tonic-gate */ 1117c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 1127c478bd9Sstevel@tonic-gate uidchge = 1; 1137c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 1147c478bd9Sstevel@tonic-gate upcount_inc(uid, zoneid); 1157c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 1167c478bd9Sstevel@tonic-gate /* 1177c478bd9Sstevel@tonic-gate * As we released p_crlock we can't rely on the cr 1187c478bd9Sstevel@tonic-gate * we read. So retry the whole thing. 1197c478bd9Sstevel@tonic-gate */ 1207c478bd9Sstevel@tonic-gate goto retry; 1217c478bd9Sstevel@tonic-gate } 1227c478bd9Sstevel@tonic-gate /* 1237c478bd9Sstevel@tonic-gate * A privileged process that gives up its privilege 1247c478bd9Sstevel@tonic-gate * must be marked to produce no core dump. 1257c478bd9Sstevel@tonic-gate */ 1267c478bd9Sstevel@tonic-gate if (cr->cr_uid != uid || 1277c478bd9Sstevel@tonic-gate cr->cr_ruid != uid || 1287c478bd9Sstevel@tonic-gate cr->cr_suid != uid) 1297c478bd9Sstevel@tonic-gate do_nocd = 1; 1307c478bd9Sstevel@tonic-gate oldruid = cr->cr_ruid; 1317c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 1327c478bd9Sstevel@tonic-gate p->p_cred = newcr; 1337c478bd9Sstevel@tonic-gate newcr->cr_ruid = uid; 1347c478bd9Sstevel@tonic-gate newcr->cr_suid = uid; 1357c478bd9Sstevel@tonic-gate newcr->cr_uid = uid; 136f48205beScasper crsetsid(newcr, ksp, KSID_USER); 137*982b4ad2SCasper H.S. Dik 138*982b4ad2SCasper H.S. Dik priv_reset_PA(newcr, B_TRUE); 139*982b4ad2SCasper H.S. Dik 1407c478bd9Sstevel@tonic-gate ASSERT(uid != oldruid ? uidchge : 1); 141ddf7fe95Scasper mutex_exit(&p->p_crlock); 142f48205beScasper } else { 1437c478bd9Sstevel@tonic-gate crfree(newcr); 144ddf7fe95Scasper crfree(cr); 145f48205beScasper if (ksp != NULL) 146f48205beScasper ksid_rele(ksp); 147f48205beScasper } 1487c478bd9Sstevel@tonic-gate 1497c478bd9Sstevel@tonic-gate /* 1507c478bd9Sstevel@tonic-gate * We decrement the number of processes associated with the oldruid 1517c478bd9Sstevel@tonic-gate * to match the increment above, even if the ruid of the process 1527c478bd9Sstevel@tonic-gate * did not change or an error occurred (oldruid == uid). 1537c478bd9Sstevel@tonic-gate */ 1547c478bd9Sstevel@tonic-gate if (uidchge) { 1557c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 1567c478bd9Sstevel@tonic-gate upcount_dec(oldruid, zoneid); 1577c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 1587c478bd9Sstevel@tonic-gate } 1597c478bd9Sstevel@tonic-gate 1607c478bd9Sstevel@tonic-gate if (error == 0) { 1617c478bd9Sstevel@tonic-gate if (do_nocd) { 1627c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock); 1637c478bd9Sstevel@tonic-gate p->p_flag |= SNOCD; 1647c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 1657c478bd9Sstevel@tonic-gate } 1667c478bd9Sstevel@tonic-gate crset(p, newcr); /* broadcast to process threads */ 1677c478bd9Sstevel@tonic-gate return (0); 1687c478bd9Sstevel@tonic-gate } 1697c478bd9Sstevel@tonic-gate return (set_errno(error)); 1707c478bd9Sstevel@tonic-gate } 1717c478bd9Sstevel@tonic-gate 1727c478bd9Sstevel@tonic-gate int64_t 1737c478bd9Sstevel@tonic-gate getuid(void) 1747c478bd9Sstevel@tonic-gate { 1757c478bd9Sstevel@tonic-gate rval_t r; 1767c478bd9Sstevel@tonic-gate cred_t *cr; 1777c478bd9Sstevel@tonic-gate 1787c478bd9Sstevel@tonic-gate cr = curthread->t_cred; 1797c478bd9Sstevel@tonic-gate r.r_val1 = cr->cr_ruid; 1807c478bd9Sstevel@tonic-gate r.r_val2 = cr->cr_uid; 1817c478bd9Sstevel@tonic-gate return (r.r_vals); 1827c478bd9Sstevel@tonic-gate } 1837c478bd9Sstevel@tonic-gate 1847c478bd9Sstevel@tonic-gate int 1857c478bd9Sstevel@tonic-gate seteuid(uid_t uid) 1867c478bd9Sstevel@tonic-gate { 187f48205beScasper proc_t *p; 1887c478bd9Sstevel@tonic-gate int error = EPERM; 1897c478bd9Sstevel@tonic-gate int do_nocd = 0; 1907c478bd9Sstevel@tonic-gate cred_t *cr, *newcr; 191f48205beScasper ksid_t ksid, *ksp; 192bda89588Sjp151216 zone_t *zone = crgetzone(CRED()); 1937c478bd9Sstevel@tonic-gate 194bda89588Sjp151216 if (!VALID_UID(uid, zone)) 1957c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 1967c478bd9Sstevel@tonic-gate 197f48205beScasper if (uid > MAXUID) { 198bda89588Sjp151216 if (ksid_lookupbyuid(zone, uid, &ksid) != 0) 199f48205beScasper return (set_errno(EINVAL)); 200f48205beScasper ksp = &ksid; 201f48205beScasper } else { 202f48205beScasper ksp = NULL; 203f48205beScasper } 204f48205beScasper 2057c478bd9Sstevel@tonic-gate /* 2067c478bd9Sstevel@tonic-gate * Need to pre-allocate the new cred structure before grabbing 2077c478bd9Sstevel@tonic-gate * the p_crlock mutex. 2087c478bd9Sstevel@tonic-gate */ 209f48205beScasper newcr = cralloc_ksid(); 2107c478bd9Sstevel@tonic-gate p = ttoproc(curthread); 2117c478bd9Sstevel@tonic-gate mutex_enter(&p->p_crlock); 212ddf7fe95Scasper retry: 213ddf7fe95Scasper crhold(cr = p->p_cred); 214ddf7fe95Scasper mutex_exit(&p->p_crlock); 2157c478bd9Sstevel@tonic-gate 2167c478bd9Sstevel@tonic-gate if (uid == cr->cr_ruid || uid == cr->cr_uid || uid == cr->cr_suid || 2177c478bd9Sstevel@tonic-gate (error = secpolicy_allow_setid(cr, uid, B_FALSE)) == 0) { 2187c478bd9Sstevel@tonic-gate /* 2197c478bd9Sstevel@tonic-gate * A privileged process that makes itself look like a 2207c478bd9Sstevel@tonic-gate * set-uid process must be marked to produce no core dump, 2217c478bd9Sstevel@tonic-gate * if the effective uid did changed. 2227c478bd9Sstevel@tonic-gate */ 223ddf7fe95Scasper mutex_enter(&p->p_crlock); 224ddf7fe95Scasper crfree(cr); 225ddf7fe95Scasper if (cr != p->p_cred) 226ddf7fe95Scasper goto retry; 2277c478bd9Sstevel@tonic-gate if (cr->cr_uid != uid && error == 0) 2287c478bd9Sstevel@tonic-gate do_nocd = 1; 2297c478bd9Sstevel@tonic-gate error = 0; 2307c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 2317c478bd9Sstevel@tonic-gate p->p_cred = newcr; 2327c478bd9Sstevel@tonic-gate newcr->cr_uid = uid; 233f48205beScasper crsetsid(newcr, ksp, KSID_USER); 234*982b4ad2SCasper H.S. Dik priv_reset_PA(newcr, B_FALSE); 2357c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 2367c478bd9Sstevel@tonic-gate if (do_nocd) { 2377c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock); 2387c478bd9Sstevel@tonic-gate p->p_flag |= SNOCD; 2397c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 2407c478bd9Sstevel@tonic-gate } 2417c478bd9Sstevel@tonic-gate crset(p, newcr); /* broadcast to process threads */ 2427c478bd9Sstevel@tonic-gate return (0); 2437c478bd9Sstevel@tonic-gate } 244ddf7fe95Scasper 245ddf7fe95Scasper crfree(newcr); 246ddf7fe95Scasper crfree(cr); 247ddf7fe95Scasper if (ksp != NULL) 248ddf7fe95Scasper ksid_rele(ksp); 2497c478bd9Sstevel@tonic-gate return (set_errno(error)); 2507c478bd9Sstevel@tonic-gate } 2517c478bd9Sstevel@tonic-gate 2527c478bd9Sstevel@tonic-gate /* 2537c478bd9Sstevel@tonic-gate * Buy-back from SunOS 4.x 2547c478bd9Sstevel@tonic-gate * 2557c478bd9Sstevel@tonic-gate * Like setuid() and seteuid() combined -except- that non-root users 2567c478bd9Sstevel@tonic-gate * can change cr_ruid to cr_uid, and the semantics of cr_suid are 2577c478bd9Sstevel@tonic-gate * subtly different. 2587c478bd9Sstevel@tonic-gate */ 2597c478bd9Sstevel@tonic-gate int 2607c478bd9Sstevel@tonic-gate setreuid(uid_t ruid, uid_t euid) 2617c478bd9Sstevel@tonic-gate { 2627c478bd9Sstevel@tonic-gate proc_t *p; 2637c478bd9Sstevel@tonic-gate int error = 0; 2647c478bd9Sstevel@tonic-gate int do_nocd = 0; 2657c478bd9Sstevel@tonic-gate int uidchge = 0; 2667c478bd9Sstevel@tonic-gate uid_t oldruid = ruid; 2677c478bd9Sstevel@tonic-gate cred_t *cr, *newcr; 2687c478bd9Sstevel@tonic-gate zoneid_t zoneid = getzoneid(); 269f48205beScasper ksid_t ksid, *ksp; 270bda89588Sjp151216 zone_t *zone = crgetzone(CRED()); 2717c478bd9Sstevel@tonic-gate 272bda89588Sjp151216 if ((ruid != -1 && !VALID_UID(ruid, zone)) || 273bda89588Sjp151216 (euid != -1 && !VALID_UID(euid, zone))) 2747c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 2757c478bd9Sstevel@tonic-gate 276f48205beScasper if (euid != -1 && euid > MAXUID) { 277bda89588Sjp151216 if (ksid_lookupbyuid(zone, euid, &ksid) != 0) 278f48205beScasper return (set_errno(EINVAL)); 279f48205beScasper ksp = &ksid; 280f48205beScasper } else { 281f48205beScasper ksp = NULL; 282f48205beScasper } 283f48205beScasper 2847c478bd9Sstevel@tonic-gate /* 2857c478bd9Sstevel@tonic-gate * Need to pre-allocate the new cred structure before grabbing 2867c478bd9Sstevel@tonic-gate * the p_crlock mutex. 2877c478bd9Sstevel@tonic-gate */ 288f48205beScasper newcr = cralloc_ksid(); 2897c478bd9Sstevel@tonic-gate 2907c478bd9Sstevel@tonic-gate p = ttoproc(curthread); 2917c478bd9Sstevel@tonic-gate 2927c478bd9Sstevel@tonic-gate retry: 2937c478bd9Sstevel@tonic-gate mutex_enter(&p->p_crlock); 294ddf7fe95Scasper retry_locked: 295ddf7fe95Scasper crhold(cr = p->p_cred); 296ddf7fe95Scasper mutex_exit(&p->p_crlock); 2977c478bd9Sstevel@tonic-gate 2987c478bd9Sstevel@tonic-gate if (ruid != -1 && ruid != cr->cr_ruid && ruid != cr->cr_uid && 2997c478bd9Sstevel@tonic-gate secpolicy_allow_setid(cr, ruid, B_FALSE) != 0) { 300ddf7fe95Scasper mutex_enter(&p->p_crlock); 301ddf7fe95Scasper crfree(cr); 302ddf7fe95Scasper if (cr != p->p_cred) 303ddf7fe95Scasper goto retry_locked; 3047c478bd9Sstevel@tonic-gate error = EPERM; 3057c478bd9Sstevel@tonic-gate } else if (euid != -1 && 3067c478bd9Sstevel@tonic-gate euid != cr->cr_ruid && euid != cr->cr_uid && 3077c478bd9Sstevel@tonic-gate euid != cr->cr_suid && secpolicy_allow_setid(cr, euid, B_FALSE)) { 308ddf7fe95Scasper mutex_enter(&p->p_crlock); 309ddf7fe95Scasper crfree(cr); 310ddf7fe95Scasper if (cr != p->p_cred) 311ddf7fe95Scasper goto retry_locked; 3127c478bd9Sstevel@tonic-gate error = EPERM; 3137c478bd9Sstevel@tonic-gate } else { 314ddf7fe95Scasper mutex_enter(&p->p_crlock); 315ddf7fe95Scasper crfree(cr); 316ddf7fe95Scasper if (cr != p->p_cred) 317ddf7fe95Scasper goto retry_locked; 3187c478bd9Sstevel@tonic-gate if (!uidchge && ruid != -1 && cr->cr_ruid != ruid) { 3197c478bd9Sstevel@tonic-gate /* 3207c478bd9Sstevel@tonic-gate * The ruid of the process is going to change. In order 3217c478bd9Sstevel@tonic-gate * to avoid a race condition involving the 3227c478bd9Sstevel@tonic-gate * process-count associated with the newly given ruid, 3237c478bd9Sstevel@tonic-gate * we increment the count before assigning the 3247c478bd9Sstevel@tonic-gate * credential to the process. 3257c478bd9Sstevel@tonic-gate * To do that, we'll have to take pidlock, so we first 3267c478bd9Sstevel@tonic-gate * release p_crlock. 3277c478bd9Sstevel@tonic-gate */ 3287c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 3297c478bd9Sstevel@tonic-gate uidchge = 1; 3307c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 3317c478bd9Sstevel@tonic-gate upcount_inc(ruid, zoneid); 3327c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 3337c478bd9Sstevel@tonic-gate /* 3347c478bd9Sstevel@tonic-gate * As we released p_crlock we can't rely on the cr 3357c478bd9Sstevel@tonic-gate * we read. So retry the whole thing. 3367c478bd9Sstevel@tonic-gate */ 3377c478bd9Sstevel@tonic-gate goto retry; 3387c478bd9Sstevel@tonic-gate } 3397c478bd9Sstevel@tonic-gate crhold(cr); 3407c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 3417c478bd9Sstevel@tonic-gate p->p_cred = newcr; 3427c478bd9Sstevel@tonic-gate 343f48205beScasper if (euid != -1) { 3447c478bd9Sstevel@tonic-gate newcr->cr_uid = euid; 345f48205beScasper crsetsid(newcr, ksp, KSID_USER); 346f48205beScasper } 3477c478bd9Sstevel@tonic-gate if (ruid != -1) { 3487c478bd9Sstevel@tonic-gate oldruid = newcr->cr_ruid; 3497c478bd9Sstevel@tonic-gate newcr->cr_ruid = ruid; 3507c478bd9Sstevel@tonic-gate ASSERT(ruid != oldruid ? uidchge : 1); 3517c478bd9Sstevel@tonic-gate } 3527c478bd9Sstevel@tonic-gate /* 3537c478bd9Sstevel@tonic-gate * "If the real uid is being changed, or the effective uid is 3547c478bd9Sstevel@tonic-gate * being changed to a value not equal to the real uid, the 3557c478bd9Sstevel@tonic-gate * saved uid is set to the new effective uid." 3567c478bd9Sstevel@tonic-gate */ 3577c478bd9Sstevel@tonic-gate if (ruid != -1 || 3587c478bd9Sstevel@tonic-gate (euid != -1 && newcr->cr_uid != newcr->cr_ruid)) 3597c478bd9Sstevel@tonic-gate newcr->cr_suid = newcr->cr_uid; 3607c478bd9Sstevel@tonic-gate /* 3617c478bd9Sstevel@tonic-gate * A process that gives up its privilege 3627c478bd9Sstevel@tonic-gate * must be marked to produce no core dump. 3637c478bd9Sstevel@tonic-gate */ 3647c478bd9Sstevel@tonic-gate if ((cr->cr_uid != newcr->cr_uid || 3657c478bd9Sstevel@tonic-gate cr->cr_ruid != newcr->cr_ruid || 3667c478bd9Sstevel@tonic-gate cr->cr_suid != newcr->cr_suid)) 3677c478bd9Sstevel@tonic-gate do_nocd = 1; 3687c478bd9Sstevel@tonic-gate 369*982b4ad2SCasper H.S. Dik priv_reset_PA(newcr, ruid != -1 && euid != -1 && ruid == euid); 3707c478bd9Sstevel@tonic-gate crfree(cr); 3717c478bd9Sstevel@tonic-gate } 3727c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 3737c478bd9Sstevel@tonic-gate 3747c478bd9Sstevel@tonic-gate /* 3757c478bd9Sstevel@tonic-gate * We decrement the number of processes associated with the oldruid 3767c478bd9Sstevel@tonic-gate * to match the increment above, even if the ruid of the process 3777c478bd9Sstevel@tonic-gate * did not change or an error occurred (oldruid == uid). 3787c478bd9Sstevel@tonic-gate */ 3797c478bd9Sstevel@tonic-gate if (uidchge) { 3807c478bd9Sstevel@tonic-gate ASSERT(oldruid != -1 && ruid != -1); 3817c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 3827c478bd9Sstevel@tonic-gate upcount_dec(oldruid, zoneid); 3837c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 3847c478bd9Sstevel@tonic-gate } 3857c478bd9Sstevel@tonic-gate 3867c478bd9Sstevel@tonic-gate if (error == 0) { 3877c478bd9Sstevel@tonic-gate if (do_nocd) { 3887c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock); 3897c478bd9Sstevel@tonic-gate p->p_flag |= SNOCD; 3907c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 3917c478bd9Sstevel@tonic-gate } 3927c478bd9Sstevel@tonic-gate crset(p, newcr); /* broadcast to process threads */ 3937c478bd9Sstevel@tonic-gate return (0); 3947c478bd9Sstevel@tonic-gate } 3957c478bd9Sstevel@tonic-gate crfree(newcr); 396f48205beScasper if (ksp != NULL) 397f48205beScasper ksid_rele(ksp); 3987c478bd9Sstevel@tonic-gate return (set_errno(error)); 3997c478bd9Sstevel@tonic-gate } 400