17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5f48205beScasper * Common Development and Distribution License (the "License"). 6f48205beScasper * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22bda89588Sjp151216 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate /* 277c478bd9Sstevel@tonic-gate * Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T 287c478bd9Sstevel@tonic-gate */ 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 317c478bd9Sstevel@tonic-gate 327c478bd9Sstevel@tonic-gate #include <sys/param.h> 337c478bd9Sstevel@tonic-gate #include <sys/types.h> 347c478bd9Sstevel@tonic-gate #include <sys/sysmacros.h> 357c478bd9Sstevel@tonic-gate #include <sys/systm.h> 367c478bd9Sstevel@tonic-gate #include <sys/tuneable.h> 377c478bd9Sstevel@tonic-gate #include <sys/cred_impl.h> 387c478bd9Sstevel@tonic-gate #include <sys/errno.h> 397c478bd9Sstevel@tonic-gate #include <sys/proc.h> 407c478bd9Sstevel@tonic-gate #include <sys/signal.h> 417c478bd9Sstevel@tonic-gate #include <sys/debug.h> 427c478bd9Sstevel@tonic-gate #include <sys/policy.h> 437c478bd9Sstevel@tonic-gate #include <sys/zone.h> 44f48205beScasper #include <sys/sid.h> 457c478bd9Sstevel@tonic-gate 467c478bd9Sstevel@tonic-gate int 477c478bd9Sstevel@tonic-gate setuid(uid_t uid) 487c478bd9Sstevel@tonic-gate { 49f48205beScasper proc_t *p; 507c478bd9Sstevel@tonic-gate int error; 517c478bd9Sstevel@tonic-gate int do_nocd = 0; 527c478bd9Sstevel@tonic-gate int uidchge = 0; 537c478bd9Sstevel@tonic-gate cred_t *cr, *newcr; 547c478bd9Sstevel@tonic-gate uid_t oldruid = uid; 557c478bd9Sstevel@tonic-gate zoneid_t zoneid = getzoneid(); 56f48205beScasper ksid_t ksid, *ksp; 57bda89588Sjp151216 zone_t *zone = crgetzone(CRED()); 587c478bd9Sstevel@tonic-gate 59bda89588Sjp151216 if (!VALID_UID(uid, zone)) 607c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 617c478bd9Sstevel@tonic-gate 62f48205beScasper if (uid > MAXUID) { 63bda89588Sjp151216 if (ksid_lookupbyuid(zone, uid, &ksid) != 0) 64f48205beScasper return (set_errno(EINVAL)); 65f48205beScasper ksp = &ksid; 66f48205beScasper } else { 67f48205beScasper ksp = NULL; 68f48205beScasper } 697c478bd9Sstevel@tonic-gate /* 707c478bd9Sstevel@tonic-gate * Need to pre-allocate the new cred structure before grabbing 71*ddf7fe95Scasper * the p_crlock mutex. We can't hold on to the p_crlock for most 72*ddf7fe95Scasper * if this though, now that we allow kernel upcalls from the 73*ddf7fe95Scasper * policy routines. 747c478bd9Sstevel@tonic-gate */ 75f48205beScasper newcr = cralloc_ksid(); 767c478bd9Sstevel@tonic-gate 777c478bd9Sstevel@tonic-gate p = ttoproc(curthread); 787c478bd9Sstevel@tonic-gate 797c478bd9Sstevel@tonic-gate retry: 807c478bd9Sstevel@tonic-gate mutex_enter(&p->p_crlock); 81*ddf7fe95Scasper retry_locked: 827c478bd9Sstevel@tonic-gate cr = p->p_cred; 83*ddf7fe95Scasper crhold(cr); 84*ddf7fe95Scasper mutex_exit(&p->p_crlock); 857c478bd9Sstevel@tonic-gate 867c478bd9Sstevel@tonic-gate if ((uid == cr->cr_ruid || uid == cr->cr_suid) && 877c478bd9Sstevel@tonic-gate secpolicy_allow_setid(cr, uid, B_TRUE) != 0) { 88*ddf7fe95Scasper mutex_enter(&p->p_crlock); 89*ddf7fe95Scasper crfree(cr); 90*ddf7fe95Scasper if (cr != p->p_cred) 91*ddf7fe95Scasper goto retry_locked; 927c478bd9Sstevel@tonic-gate error = 0; 937c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 947c478bd9Sstevel@tonic-gate p->p_cred = newcr; 957c478bd9Sstevel@tonic-gate newcr->cr_uid = uid; 96f48205beScasper crsetsid(newcr, ksp, KSID_USER); 97*ddf7fe95Scasper mutex_exit(&p->p_crlock); 987c478bd9Sstevel@tonic-gate } else if ((error = secpolicy_allow_setid(cr, uid, B_FALSE)) == 0) { 99*ddf7fe95Scasper mutex_enter(&p->p_crlock); 100*ddf7fe95Scasper crfree(cr); 101*ddf7fe95Scasper if (cr != p->p_cred) 102*ddf7fe95Scasper goto retry_locked; 1037c478bd9Sstevel@tonic-gate if (!uidchge && uid != cr->cr_ruid) { 1047c478bd9Sstevel@tonic-gate /* 1057c478bd9Sstevel@tonic-gate * The ruid of the process is going to change. In order 1067c478bd9Sstevel@tonic-gate * to avoid a race condition involving the 1077c478bd9Sstevel@tonic-gate * process-count associated with the newly given ruid, 1087c478bd9Sstevel@tonic-gate * we increment the count before assigning the 1097c478bd9Sstevel@tonic-gate * credential to the process. 1107c478bd9Sstevel@tonic-gate * To do that, we'll have to take pidlock, so we first 1117c478bd9Sstevel@tonic-gate * release p_crlock. 1127c478bd9Sstevel@tonic-gate */ 1137c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 1147c478bd9Sstevel@tonic-gate uidchge = 1; 1157c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 1167c478bd9Sstevel@tonic-gate upcount_inc(uid, zoneid); 1177c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 1187c478bd9Sstevel@tonic-gate /* 1197c478bd9Sstevel@tonic-gate * As we released p_crlock we can't rely on the cr 1207c478bd9Sstevel@tonic-gate * we read. So retry the whole thing. 1217c478bd9Sstevel@tonic-gate */ 1227c478bd9Sstevel@tonic-gate goto retry; 1237c478bd9Sstevel@tonic-gate } 1247c478bd9Sstevel@tonic-gate /* 1257c478bd9Sstevel@tonic-gate * A privileged process that gives up its privilege 1267c478bd9Sstevel@tonic-gate * must be marked to produce no core dump. 1277c478bd9Sstevel@tonic-gate */ 1287c478bd9Sstevel@tonic-gate if (cr->cr_uid != uid || 1297c478bd9Sstevel@tonic-gate cr->cr_ruid != uid || 1307c478bd9Sstevel@tonic-gate cr->cr_suid != uid) 1317c478bd9Sstevel@tonic-gate do_nocd = 1; 1327c478bd9Sstevel@tonic-gate oldruid = cr->cr_ruid; 1337c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 1347c478bd9Sstevel@tonic-gate p->p_cred = newcr; 1357c478bd9Sstevel@tonic-gate newcr->cr_ruid = uid; 1367c478bd9Sstevel@tonic-gate newcr->cr_suid = uid; 1377c478bd9Sstevel@tonic-gate newcr->cr_uid = uid; 138f48205beScasper crsetsid(newcr, ksp, KSID_USER); 1397c478bd9Sstevel@tonic-gate ASSERT(uid != oldruid ? uidchge : 1); 140*ddf7fe95Scasper mutex_exit(&p->p_crlock); 141f48205beScasper } else { 1427c478bd9Sstevel@tonic-gate crfree(newcr); 143*ddf7fe95Scasper crfree(cr); 144f48205beScasper if (ksp != NULL) 145f48205beScasper ksid_rele(ksp); 146f48205beScasper } 1477c478bd9Sstevel@tonic-gate 1487c478bd9Sstevel@tonic-gate /* 1497c478bd9Sstevel@tonic-gate * We decrement the number of processes associated with the oldruid 1507c478bd9Sstevel@tonic-gate * to match the increment above, even if the ruid of the process 1517c478bd9Sstevel@tonic-gate * did not change or an error occurred (oldruid == uid). 1527c478bd9Sstevel@tonic-gate */ 1537c478bd9Sstevel@tonic-gate if (uidchge) { 1547c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 1557c478bd9Sstevel@tonic-gate upcount_dec(oldruid, zoneid); 1567c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 1577c478bd9Sstevel@tonic-gate } 1587c478bd9Sstevel@tonic-gate 1597c478bd9Sstevel@tonic-gate if (error == 0) { 1607c478bd9Sstevel@tonic-gate if (do_nocd) { 1617c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock); 1627c478bd9Sstevel@tonic-gate p->p_flag |= SNOCD; 1637c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 1647c478bd9Sstevel@tonic-gate } 1657c478bd9Sstevel@tonic-gate crset(p, newcr); /* broadcast to process threads */ 1667c478bd9Sstevel@tonic-gate return (0); 1677c478bd9Sstevel@tonic-gate } 1687c478bd9Sstevel@tonic-gate return (set_errno(error)); 1697c478bd9Sstevel@tonic-gate } 1707c478bd9Sstevel@tonic-gate 1717c478bd9Sstevel@tonic-gate int64_t 1727c478bd9Sstevel@tonic-gate getuid(void) 1737c478bd9Sstevel@tonic-gate { 1747c478bd9Sstevel@tonic-gate rval_t r; 1757c478bd9Sstevel@tonic-gate cred_t *cr; 1767c478bd9Sstevel@tonic-gate 1777c478bd9Sstevel@tonic-gate cr = curthread->t_cred; 1787c478bd9Sstevel@tonic-gate r.r_val1 = cr->cr_ruid; 1797c478bd9Sstevel@tonic-gate r.r_val2 = cr->cr_uid; 1807c478bd9Sstevel@tonic-gate return (r.r_vals); 1817c478bd9Sstevel@tonic-gate } 1827c478bd9Sstevel@tonic-gate 1837c478bd9Sstevel@tonic-gate int 1847c478bd9Sstevel@tonic-gate seteuid(uid_t uid) 1857c478bd9Sstevel@tonic-gate { 186f48205beScasper proc_t *p; 1877c478bd9Sstevel@tonic-gate int error = EPERM; 1887c478bd9Sstevel@tonic-gate int do_nocd = 0; 1897c478bd9Sstevel@tonic-gate cred_t *cr, *newcr; 190f48205beScasper ksid_t ksid, *ksp; 191bda89588Sjp151216 zone_t *zone = crgetzone(CRED()); 1927c478bd9Sstevel@tonic-gate 193bda89588Sjp151216 if (!VALID_UID(uid, zone)) 1947c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 1957c478bd9Sstevel@tonic-gate 196f48205beScasper if (uid > MAXUID) { 197bda89588Sjp151216 if (ksid_lookupbyuid(zone, uid, &ksid) != 0) 198f48205beScasper return (set_errno(EINVAL)); 199f48205beScasper ksp = &ksid; 200f48205beScasper } else { 201f48205beScasper ksp = NULL; 202f48205beScasper } 203f48205beScasper 2047c478bd9Sstevel@tonic-gate /* 2057c478bd9Sstevel@tonic-gate * Need to pre-allocate the new cred structure before grabbing 2067c478bd9Sstevel@tonic-gate * the p_crlock mutex. 2077c478bd9Sstevel@tonic-gate */ 208f48205beScasper newcr = cralloc_ksid(); 2097c478bd9Sstevel@tonic-gate p = ttoproc(curthread); 2107c478bd9Sstevel@tonic-gate mutex_enter(&p->p_crlock); 211*ddf7fe95Scasper retry: 212*ddf7fe95Scasper crhold(cr = p->p_cred); 213*ddf7fe95Scasper mutex_exit(&p->p_crlock); 2147c478bd9Sstevel@tonic-gate 2157c478bd9Sstevel@tonic-gate if (uid == cr->cr_ruid || uid == cr->cr_uid || uid == cr->cr_suid || 2167c478bd9Sstevel@tonic-gate (error = secpolicy_allow_setid(cr, uid, B_FALSE)) == 0) { 2177c478bd9Sstevel@tonic-gate /* 2187c478bd9Sstevel@tonic-gate * A privileged process that makes itself look like a 2197c478bd9Sstevel@tonic-gate * set-uid process must be marked to produce no core dump, 2207c478bd9Sstevel@tonic-gate * if the effective uid did changed. 2217c478bd9Sstevel@tonic-gate */ 222*ddf7fe95Scasper mutex_enter(&p->p_crlock); 223*ddf7fe95Scasper crfree(cr); 224*ddf7fe95Scasper if (cr != p->p_cred) 225*ddf7fe95Scasper goto retry; 2267c478bd9Sstevel@tonic-gate if (cr->cr_uid != uid && error == 0) 2277c478bd9Sstevel@tonic-gate do_nocd = 1; 2287c478bd9Sstevel@tonic-gate error = 0; 2297c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 2307c478bd9Sstevel@tonic-gate p->p_cred = newcr; 2317c478bd9Sstevel@tonic-gate newcr->cr_uid = uid; 232f48205beScasper crsetsid(newcr, ksp, KSID_USER); 2337c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 2347c478bd9Sstevel@tonic-gate if (do_nocd) { 2357c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock); 2367c478bd9Sstevel@tonic-gate p->p_flag |= SNOCD; 2377c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 2387c478bd9Sstevel@tonic-gate } 2397c478bd9Sstevel@tonic-gate crset(p, newcr); /* broadcast to process threads */ 2407c478bd9Sstevel@tonic-gate return (0); 2417c478bd9Sstevel@tonic-gate } 242*ddf7fe95Scasper 243*ddf7fe95Scasper crfree(newcr); 244*ddf7fe95Scasper crfree(cr); 245*ddf7fe95Scasper if (ksp != NULL) 246*ddf7fe95Scasper ksid_rele(ksp); 2477c478bd9Sstevel@tonic-gate return (set_errno(error)); 2487c478bd9Sstevel@tonic-gate } 2497c478bd9Sstevel@tonic-gate 2507c478bd9Sstevel@tonic-gate /* 2517c478bd9Sstevel@tonic-gate * Buy-back from SunOS 4.x 2527c478bd9Sstevel@tonic-gate * 2537c478bd9Sstevel@tonic-gate * Like setuid() and seteuid() combined -except- that non-root users 2547c478bd9Sstevel@tonic-gate * can change cr_ruid to cr_uid, and the semantics of cr_suid are 2557c478bd9Sstevel@tonic-gate * subtly different. 2567c478bd9Sstevel@tonic-gate */ 2577c478bd9Sstevel@tonic-gate int 2587c478bd9Sstevel@tonic-gate setreuid(uid_t ruid, uid_t euid) 2597c478bd9Sstevel@tonic-gate { 2607c478bd9Sstevel@tonic-gate proc_t *p; 2617c478bd9Sstevel@tonic-gate int error = 0; 2627c478bd9Sstevel@tonic-gate int do_nocd = 0; 2637c478bd9Sstevel@tonic-gate int uidchge = 0; 2647c478bd9Sstevel@tonic-gate uid_t oldruid = ruid; 2657c478bd9Sstevel@tonic-gate cred_t *cr, *newcr; 2667c478bd9Sstevel@tonic-gate zoneid_t zoneid = getzoneid(); 267f48205beScasper ksid_t ksid, *ksp; 268bda89588Sjp151216 zone_t *zone = crgetzone(CRED()); 2697c478bd9Sstevel@tonic-gate 270bda89588Sjp151216 if ((ruid != -1 && !VALID_UID(ruid, zone)) || 271bda89588Sjp151216 (euid != -1 && !VALID_UID(euid, zone))) 2727c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 2737c478bd9Sstevel@tonic-gate 274f48205beScasper if (euid != -1 && euid > MAXUID) { 275bda89588Sjp151216 if (ksid_lookupbyuid(zone, euid, &ksid) != 0) 276f48205beScasper return (set_errno(EINVAL)); 277f48205beScasper ksp = &ksid; 278f48205beScasper } else { 279f48205beScasper ksp = NULL; 280f48205beScasper } 281f48205beScasper 2827c478bd9Sstevel@tonic-gate /* 2837c478bd9Sstevel@tonic-gate * Need to pre-allocate the new cred structure before grabbing 2847c478bd9Sstevel@tonic-gate * the p_crlock mutex. 2857c478bd9Sstevel@tonic-gate */ 286f48205beScasper newcr = cralloc_ksid(); 2877c478bd9Sstevel@tonic-gate 2887c478bd9Sstevel@tonic-gate p = ttoproc(curthread); 2897c478bd9Sstevel@tonic-gate 2907c478bd9Sstevel@tonic-gate retry: 2917c478bd9Sstevel@tonic-gate mutex_enter(&p->p_crlock); 292*ddf7fe95Scasper retry_locked: 293*ddf7fe95Scasper crhold(cr = p->p_cred); 294*ddf7fe95Scasper mutex_exit(&p->p_crlock); 2957c478bd9Sstevel@tonic-gate 2967c478bd9Sstevel@tonic-gate if (ruid != -1 && ruid != cr->cr_ruid && ruid != cr->cr_uid && 2977c478bd9Sstevel@tonic-gate secpolicy_allow_setid(cr, ruid, B_FALSE) != 0) { 298*ddf7fe95Scasper mutex_enter(&p->p_crlock); 299*ddf7fe95Scasper crfree(cr); 300*ddf7fe95Scasper if (cr != p->p_cred) 301*ddf7fe95Scasper goto retry_locked; 3027c478bd9Sstevel@tonic-gate error = EPERM; 3037c478bd9Sstevel@tonic-gate } else if (euid != -1 && 3047c478bd9Sstevel@tonic-gate euid != cr->cr_ruid && euid != cr->cr_uid && 3057c478bd9Sstevel@tonic-gate euid != cr->cr_suid && secpolicy_allow_setid(cr, euid, B_FALSE)) { 306*ddf7fe95Scasper mutex_enter(&p->p_crlock); 307*ddf7fe95Scasper crfree(cr); 308*ddf7fe95Scasper if (cr != p->p_cred) 309*ddf7fe95Scasper goto retry_locked; 3107c478bd9Sstevel@tonic-gate error = EPERM; 3117c478bd9Sstevel@tonic-gate } else { 312*ddf7fe95Scasper mutex_enter(&p->p_crlock); 313*ddf7fe95Scasper crfree(cr); 314*ddf7fe95Scasper if (cr != p->p_cred) 315*ddf7fe95Scasper goto retry_locked; 3167c478bd9Sstevel@tonic-gate if (!uidchge && ruid != -1 && cr->cr_ruid != ruid) { 3177c478bd9Sstevel@tonic-gate /* 3187c478bd9Sstevel@tonic-gate * The ruid of the process is going to change. In order 3197c478bd9Sstevel@tonic-gate * to avoid a race condition involving the 3207c478bd9Sstevel@tonic-gate * process-count associated with the newly given ruid, 3217c478bd9Sstevel@tonic-gate * we increment the count before assigning the 3227c478bd9Sstevel@tonic-gate * credential to the process. 3237c478bd9Sstevel@tonic-gate * To do that, we'll have to take pidlock, so we first 3247c478bd9Sstevel@tonic-gate * release p_crlock. 3257c478bd9Sstevel@tonic-gate */ 3267c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 3277c478bd9Sstevel@tonic-gate uidchge = 1; 3287c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 3297c478bd9Sstevel@tonic-gate upcount_inc(ruid, zoneid); 3307c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 3317c478bd9Sstevel@tonic-gate /* 3327c478bd9Sstevel@tonic-gate * As we released p_crlock we can't rely on the cr 3337c478bd9Sstevel@tonic-gate * we read. So retry the whole thing. 3347c478bd9Sstevel@tonic-gate */ 3357c478bd9Sstevel@tonic-gate goto retry; 3367c478bd9Sstevel@tonic-gate } 3377c478bd9Sstevel@tonic-gate crhold(cr); 3387c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 3397c478bd9Sstevel@tonic-gate p->p_cred = newcr; 3407c478bd9Sstevel@tonic-gate 341f48205beScasper if (euid != -1) { 3427c478bd9Sstevel@tonic-gate newcr->cr_uid = euid; 343f48205beScasper crsetsid(newcr, ksp, KSID_USER); 344f48205beScasper } 3457c478bd9Sstevel@tonic-gate if (ruid != -1) { 3467c478bd9Sstevel@tonic-gate oldruid = newcr->cr_ruid; 3477c478bd9Sstevel@tonic-gate newcr->cr_ruid = ruid; 3487c478bd9Sstevel@tonic-gate ASSERT(ruid != oldruid ? uidchge : 1); 3497c478bd9Sstevel@tonic-gate } 3507c478bd9Sstevel@tonic-gate /* 3517c478bd9Sstevel@tonic-gate * "If the real uid is being changed, or the effective uid is 3527c478bd9Sstevel@tonic-gate * being changed to a value not equal to the real uid, the 3537c478bd9Sstevel@tonic-gate * saved uid is set to the new effective uid." 3547c478bd9Sstevel@tonic-gate */ 3557c478bd9Sstevel@tonic-gate if (ruid != -1 || 3567c478bd9Sstevel@tonic-gate (euid != -1 && newcr->cr_uid != newcr->cr_ruid)) 3577c478bd9Sstevel@tonic-gate newcr->cr_suid = newcr->cr_uid; 3587c478bd9Sstevel@tonic-gate /* 3597c478bd9Sstevel@tonic-gate * A process that gives up its privilege 3607c478bd9Sstevel@tonic-gate * must be marked to produce no core dump. 3617c478bd9Sstevel@tonic-gate */ 3627c478bd9Sstevel@tonic-gate if ((cr->cr_uid != newcr->cr_uid || 3637c478bd9Sstevel@tonic-gate cr->cr_ruid != newcr->cr_ruid || 3647c478bd9Sstevel@tonic-gate cr->cr_suid != newcr->cr_suid)) 3657c478bd9Sstevel@tonic-gate do_nocd = 1; 3667c478bd9Sstevel@tonic-gate 3677c478bd9Sstevel@tonic-gate crfree(cr); 3687c478bd9Sstevel@tonic-gate } 3697c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 3707c478bd9Sstevel@tonic-gate 3717c478bd9Sstevel@tonic-gate /* 3727c478bd9Sstevel@tonic-gate * We decrement the number of processes associated with the oldruid 3737c478bd9Sstevel@tonic-gate * to match the increment above, even if the ruid of the process 3747c478bd9Sstevel@tonic-gate * did not change or an error occurred (oldruid == uid). 3757c478bd9Sstevel@tonic-gate */ 3767c478bd9Sstevel@tonic-gate if (uidchge) { 3777c478bd9Sstevel@tonic-gate ASSERT(oldruid != -1 && ruid != -1); 3787c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 3797c478bd9Sstevel@tonic-gate upcount_dec(oldruid, zoneid); 3807c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 3817c478bd9Sstevel@tonic-gate } 3827c478bd9Sstevel@tonic-gate 3837c478bd9Sstevel@tonic-gate if (error == 0) { 3847c478bd9Sstevel@tonic-gate if (do_nocd) { 3857c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock); 3867c478bd9Sstevel@tonic-gate p->p_flag |= SNOCD; 3877c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 3887c478bd9Sstevel@tonic-gate } 3897c478bd9Sstevel@tonic-gate crset(p, newcr); /* broadcast to process threads */ 3907c478bd9Sstevel@tonic-gate return (0); 3917c478bd9Sstevel@tonic-gate } 3927c478bd9Sstevel@tonic-gate crfree(newcr); 393f48205beScasper if (ksp != NULL) 394f48205beScasper ksid_rele(ksp); 3957c478bd9Sstevel@tonic-gate return (set_errno(error)); 3967c478bd9Sstevel@tonic-gate } 397