17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5*f48205beScasper * Common Development and Distribution License (the "License"). 6*f48205beScasper * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*f48205beScasper * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate /* 277c478bd9Sstevel@tonic-gate * Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T 287c478bd9Sstevel@tonic-gate */ 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 317c478bd9Sstevel@tonic-gate 327c478bd9Sstevel@tonic-gate #include <sys/param.h> 337c478bd9Sstevel@tonic-gate #include <sys/types.h> 347c478bd9Sstevel@tonic-gate #include <sys/sysmacros.h> 357c478bd9Sstevel@tonic-gate #include <sys/systm.h> 367c478bd9Sstevel@tonic-gate #include <sys/tuneable.h> 377c478bd9Sstevel@tonic-gate #include <sys/cred_impl.h> 387c478bd9Sstevel@tonic-gate #include <sys/errno.h> 397c478bd9Sstevel@tonic-gate #include <sys/proc.h> 407c478bd9Sstevel@tonic-gate #include <sys/signal.h> 417c478bd9Sstevel@tonic-gate #include <sys/debug.h> 427c478bd9Sstevel@tonic-gate #include <sys/policy.h> 437c478bd9Sstevel@tonic-gate #include <sys/zone.h> 44*f48205beScasper #include <sys/sid.h> 457c478bd9Sstevel@tonic-gate 467c478bd9Sstevel@tonic-gate int 477c478bd9Sstevel@tonic-gate setuid(uid_t uid) 487c478bd9Sstevel@tonic-gate { 49*f48205beScasper proc_t *p; 507c478bd9Sstevel@tonic-gate int error; 517c478bd9Sstevel@tonic-gate int do_nocd = 0; 527c478bd9Sstevel@tonic-gate int uidchge = 0; 537c478bd9Sstevel@tonic-gate cred_t *cr, *newcr; 547c478bd9Sstevel@tonic-gate uid_t oldruid = uid; 557c478bd9Sstevel@tonic-gate zoneid_t zoneid = getzoneid(); 56*f48205beScasper ksid_t ksid, *ksp; 577c478bd9Sstevel@tonic-gate 58*f48205beScasper if (!VALID_UID(uid)) 597c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 607c478bd9Sstevel@tonic-gate 61*f48205beScasper if (uid > MAXUID) { 62*f48205beScasper if (ksid_lookup(uid, &ksid) != 0) 63*f48205beScasper return (set_errno(EINVAL)); 64*f48205beScasper ksp = &ksid; 65*f48205beScasper } else { 66*f48205beScasper ksp = NULL; 67*f48205beScasper } 687c478bd9Sstevel@tonic-gate /* 697c478bd9Sstevel@tonic-gate * Need to pre-allocate the new cred structure before grabbing 707c478bd9Sstevel@tonic-gate * the p_crlock mutex. 717c478bd9Sstevel@tonic-gate */ 72*f48205beScasper newcr = cralloc_ksid(); 737c478bd9Sstevel@tonic-gate 747c478bd9Sstevel@tonic-gate p = ttoproc(curthread); 757c478bd9Sstevel@tonic-gate 767c478bd9Sstevel@tonic-gate retry: 777c478bd9Sstevel@tonic-gate mutex_enter(&p->p_crlock); 787c478bd9Sstevel@tonic-gate cr = p->p_cred; 797c478bd9Sstevel@tonic-gate 807c478bd9Sstevel@tonic-gate if ((uid == cr->cr_ruid || uid == cr->cr_suid) && 817c478bd9Sstevel@tonic-gate secpolicy_allow_setid(cr, uid, B_TRUE) != 0) { 827c478bd9Sstevel@tonic-gate error = 0; 837c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 847c478bd9Sstevel@tonic-gate p->p_cred = newcr; 857c478bd9Sstevel@tonic-gate newcr->cr_uid = uid; 86*f48205beScasper crsetsid(newcr, ksp, KSID_USER); 877c478bd9Sstevel@tonic-gate } else if ((error = secpolicy_allow_setid(cr, uid, B_FALSE)) == 0) { 887c478bd9Sstevel@tonic-gate if (!uidchge && uid != cr->cr_ruid) { 897c478bd9Sstevel@tonic-gate /* 907c478bd9Sstevel@tonic-gate * The ruid of the process is going to change. In order 917c478bd9Sstevel@tonic-gate * to avoid a race condition involving the 927c478bd9Sstevel@tonic-gate * process-count associated with the newly given ruid, 937c478bd9Sstevel@tonic-gate * we increment the count before assigning the 947c478bd9Sstevel@tonic-gate * credential to the process. 957c478bd9Sstevel@tonic-gate * To do that, we'll have to take pidlock, so we first 967c478bd9Sstevel@tonic-gate * release p_crlock. 977c478bd9Sstevel@tonic-gate */ 987c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 997c478bd9Sstevel@tonic-gate uidchge = 1; 1007c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 1017c478bd9Sstevel@tonic-gate upcount_inc(uid, zoneid); 1027c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 1037c478bd9Sstevel@tonic-gate /* 1047c478bd9Sstevel@tonic-gate * As we released p_crlock we can't rely on the cr 1057c478bd9Sstevel@tonic-gate * we read. So retry the whole thing. 1067c478bd9Sstevel@tonic-gate */ 1077c478bd9Sstevel@tonic-gate goto retry; 1087c478bd9Sstevel@tonic-gate } 1097c478bd9Sstevel@tonic-gate /* 1107c478bd9Sstevel@tonic-gate * A privileged process that gives up its privilege 1117c478bd9Sstevel@tonic-gate * must be marked to produce no core dump. 1127c478bd9Sstevel@tonic-gate */ 1137c478bd9Sstevel@tonic-gate if (cr->cr_uid != uid || 1147c478bd9Sstevel@tonic-gate cr->cr_ruid != uid || 1157c478bd9Sstevel@tonic-gate cr->cr_suid != uid) 1167c478bd9Sstevel@tonic-gate do_nocd = 1; 1177c478bd9Sstevel@tonic-gate oldruid = cr->cr_ruid; 1187c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 1197c478bd9Sstevel@tonic-gate p->p_cred = newcr; 1207c478bd9Sstevel@tonic-gate newcr->cr_ruid = uid; 1217c478bd9Sstevel@tonic-gate newcr->cr_suid = uid; 1227c478bd9Sstevel@tonic-gate newcr->cr_uid = uid; 123*f48205beScasper crsetsid(newcr, ksp, KSID_USER); 1247c478bd9Sstevel@tonic-gate ASSERT(uid != oldruid ? uidchge : 1); 125*f48205beScasper } else { 1267c478bd9Sstevel@tonic-gate crfree(newcr); 127*f48205beScasper if (ksp != NULL) 128*f48205beScasper ksid_rele(ksp); 129*f48205beScasper } 1307c478bd9Sstevel@tonic-gate 1317c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 1327c478bd9Sstevel@tonic-gate 1337c478bd9Sstevel@tonic-gate /* 1347c478bd9Sstevel@tonic-gate * We decrement the number of processes associated with the oldruid 1357c478bd9Sstevel@tonic-gate * to match the increment above, even if the ruid of the process 1367c478bd9Sstevel@tonic-gate * did not change or an error occurred (oldruid == uid). 1377c478bd9Sstevel@tonic-gate */ 1387c478bd9Sstevel@tonic-gate if (uidchge) { 1397c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 1407c478bd9Sstevel@tonic-gate upcount_dec(oldruid, zoneid); 1417c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 1427c478bd9Sstevel@tonic-gate } 1437c478bd9Sstevel@tonic-gate 1447c478bd9Sstevel@tonic-gate if (error == 0) { 1457c478bd9Sstevel@tonic-gate if (do_nocd) { 1467c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock); 1477c478bd9Sstevel@tonic-gate p->p_flag |= SNOCD; 1487c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 1497c478bd9Sstevel@tonic-gate } 1507c478bd9Sstevel@tonic-gate crset(p, newcr); /* broadcast to process threads */ 1517c478bd9Sstevel@tonic-gate return (0); 1527c478bd9Sstevel@tonic-gate } 1537c478bd9Sstevel@tonic-gate return (set_errno(error)); 1547c478bd9Sstevel@tonic-gate } 1557c478bd9Sstevel@tonic-gate 1567c478bd9Sstevel@tonic-gate int64_t 1577c478bd9Sstevel@tonic-gate getuid(void) 1587c478bd9Sstevel@tonic-gate { 1597c478bd9Sstevel@tonic-gate rval_t r; 1607c478bd9Sstevel@tonic-gate cred_t *cr; 1617c478bd9Sstevel@tonic-gate 1627c478bd9Sstevel@tonic-gate cr = curthread->t_cred; 1637c478bd9Sstevel@tonic-gate r.r_val1 = cr->cr_ruid; 1647c478bd9Sstevel@tonic-gate r.r_val2 = cr->cr_uid; 1657c478bd9Sstevel@tonic-gate return (r.r_vals); 1667c478bd9Sstevel@tonic-gate } 1677c478bd9Sstevel@tonic-gate 1687c478bd9Sstevel@tonic-gate int 1697c478bd9Sstevel@tonic-gate seteuid(uid_t uid) 1707c478bd9Sstevel@tonic-gate { 171*f48205beScasper proc_t *p; 1727c478bd9Sstevel@tonic-gate int error = EPERM; 1737c478bd9Sstevel@tonic-gate int do_nocd = 0; 1747c478bd9Sstevel@tonic-gate cred_t *cr, *newcr; 175*f48205beScasper ksid_t ksid, *ksp; 1767c478bd9Sstevel@tonic-gate 177*f48205beScasper if (!VALID_UID(uid)) 1787c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 1797c478bd9Sstevel@tonic-gate 180*f48205beScasper if (uid > MAXUID) { 181*f48205beScasper if (ksid_lookup(uid, &ksid) != 0) 182*f48205beScasper return (set_errno(EINVAL)); 183*f48205beScasper ksp = &ksid; 184*f48205beScasper } else { 185*f48205beScasper ksp = NULL; 186*f48205beScasper } 187*f48205beScasper 1887c478bd9Sstevel@tonic-gate /* 1897c478bd9Sstevel@tonic-gate * Need to pre-allocate the new cred structure before grabbing 1907c478bd9Sstevel@tonic-gate * the p_crlock mutex. 1917c478bd9Sstevel@tonic-gate */ 192*f48205beScasper newcr = cralloc_ksid(); 1937c478bd9Sstevel@tonic-gate p = ttoproc(curthread); 1947c478bd9Sstevel@tonic-gate mutex_enter(&p->p_crlock); 1957c478bd9Sstevel@tonic-gate cr = p->p_cred; 1967c478bd9Sstevel@tonic-gate 1977c478bd9Sstevel@tonic-gate if (uid == cr->cr_ruid || uid == cr->cr_uid || uid == cr->cr_suid || 1987c478bd9Sstevel@tonic-gate (error = secpolicy_allow_setid(cr, uid, B_FALSE)) == 0) { 1997c478bd9Sstevel@tonic-gate /* 2007c478bd9Sstevel@tonic-gate * A privileged process that makes itself look like a 2017c478bd9Sstevel@tonic-gate * set-uid process must be marked to produce no core dump, 2027c478bd9Sstevel@tonic-gate * if the effective uid did changed. 2037c478bd9Sstevel@tonic-gate */ 2047c478bd9Sstevel@tonic-gate if (cr->cr_uid != uid && error == 0) 2057c478bd9Sstevel@tonic-gate do_nocd = 1; 2067c478bd9Sstevel@tonic-gate error = 0; 2077c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 2087c478bd9Sstevel@tonic-gate p->p_cred = newcr; 2097c478bd9Sstevel@tonic-gate newcr->cr_uid = uid; 210*f48205beScasper crsetsid(newcr, ksp, KSID_USER); 211*f48205beScasper } else { 2127c478bd9Sstevel@tonic-gate crfree(newcr); 213*f48205beScasper if (ksp != NULL) 214*f48205beScasper ksid_rele(ksp); 215*f48205beScasper } 2167c478bd9Sstevel@tonic-gate 2177c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 2187c478bd9Sstevel@tonic-gate 2197c478bd9Sstevel@tonic-gate if (error == 0) { 2207c478bd9Sstevel@tonic-gate if (do_nocd) { 2217c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock); 2227c478bd9Sstevel@tonic-gate p->p_flag |= SNOCD; 2237c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 2247c478bd9Sstevel@tonic-gate } 2257c478bd9Sstevel@tonic-gate crset(p, newcr); /* broadcast to process threads */ 2267c478bd9Sstevel@tonic-gate return (0); 2277c478bd9Sstevel@tonic-gate } 2287c478bd9Sstevel@tonic-gate return (set_errno(error)); 2297c478bd9Sstevel@tonic-gate } 2307c478bd9Sstevel@tonic-gate 2317c478bd9Sstevel@tonic-gate /* 2327c478bd9Sstevel@tonic-gate * Buy-back from SunOS 4.x 2337c478bd9Sstevel@tonic-gate * 2347c478bd9Sstevel@tonic-gate * Like setuid() and seteuid() combined -except- that non-root users 2357c478bd9Sstevel@tonic-gate * can change cr_ruid to cr_uid, and the semantics of cr_suid are 2367c478bd9Sstevel@tonic-gate * subtly different. 2377c478bd9Sstevel@tonic-gate */ 2387c478bd9Sstevel@tonic-gate int 2397c478bd9Sstevel@tonic-gate setreuid(uid_t ruid, uid_t euid) 2407c478bd9Sstevel@tonic-gate { 2417c478bd9Sstevel@tonic-gate proc_t *p; 2427c478bd9Sstevel@tonic-gate int error = 0; 2437c478bd9Sstevel@tonic-gate int do_nocd = 0; 2447c478bd9Sstevel@tonic-gate int uidchge = 0; 2457c478bd9Sstevel@tonic-gate uid_t oldruid = ruid; 2467c478bd9Sstevel@tonic-gate cred_t *cr, *newcr; 2477c478bd9Sstevel@tonic-gate zoneid_t zoneid = getzoneid(); 248*f48205beScasper ksid_t ksid, *ksp; 2497c478bd9Sstevel@tonic-gate 250*f48205beScasper if ((ruid != -1 && !VALID_UID(ruid)) || 251*f48205beScasper (euid != -1 && !VALID_UID(euid))) 2527c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 2537c478bd9Sstevel@tonic-gate 254*f48205beScasper if (euid != -1 && euid > MAXUID) { 255*f48205beScasper if (ksid_lookup(euid, &ksid) != 0) 256*f48205beScasper return (set_errno(EINVAL)); 257*f48205beScasper ksp = &ksid; 258*f48205beScasper } else { 259*f48205beScasper ksp = NULL; 260*f48205beScasper } 261*f48205beScasper 2627c478bd9Sstevel@tonic-gate /* 2637c478bd9Sstevel@tonic-gate * Need to pre-allocate the new cred structure before grabbing 2647c478bd9Sstevel@tonic-gate * the p_crlock mutex. 2657c478bd9Sstevel@tonic-gate */ 266*f48205beScasper newcr = cralloc_ksid(); 2677c478bd9Sstevel@tonic-gate 2687c478bd9Sstevel@tonic-gate p = ttoproc(curthread); 2697c478bd9Sstevel@tonic-gate 2707c478bd9Sstevel@tonic-gate retry: 2717c478bd9Sstevel@tonic-gate mutex_enter(&p->p_crlock); 2727c478bd9Sstevel@tonic-gate cr = p->p_cred; 2737c478bd9Sstevel@tonic-gate 2747c478bd9Sstevel@tonic-gate if (ruid != -1 && ruid != cr->cr_ruid && ruid != cr->cr_uid && 2757c478bd9Sstevel@tonic-gate secpolicy_allow_setid(cr, ruid, B_FALSE) != 0) { 2767c478bd9Sstevel@tonic-gate error = EPERM; 2777c478bd9Sstevel@tonic-gate } else if (euid != -1 && 2787c478bd9Sstevel@tonic-gate euid != cr->cr_ruid && euid != cr->cr_uid && 2797c478bd9Sstevel@tonic-gate euid != cr->cr_suid && secpolicy_allow_setid(cr, euid, B_FALSE)) { 2807c478bd9Sstevel@tonic-gate error = EPERM; 2817c478bd9Sstevel@tonic-gate } else { 2827c478bd9Sstevel@tonic-gate if (!uidchge && ruid != -1 && cr->cr_ruid != ruid) { 2837c478bd9Sstevel@tonic-gate /* 2847c478bd9Sstevel@tonic-gate * The ruid of the process is going to change. In order 2857c478bd9Sstevel@tonic-gate * to avoid a race condition involving the 2867c478bd9Sstevel@tonic-gate * process-count associated with the newly given ruid, 2877c478bd9Sstevel@tonic-gate * we increment the count before assigning the 2887c478bd9Sstevel@tonic-gate * credential to the process. 2897c478bd9Sstevel@tonic-gate * To do that, we'll have to take pidlock, so we first 2907c478bd9Sstevel@tonic-gate * release p_crlock. 2917c478bd9Sstevel@tonic-gate */ 2927c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 2937c478bd9Sstevel@tonic-gate uidchge = 1; 2947c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 2957c478bd9Sstevel@tonic-gate upcount_inc(ruid, zoneid); 2967c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 2977c478bd9Sstevel@tonic-gate /* 2987c478bd9Sstevel@tonic-gate * As we released p_crlock we can't rely on the cr 2997c478bd9Sstevel@tonic-gate * we read. So retry the whole thing. 3007c478bd9Sstevel@tonic-gate */ 3017c478bd9Sstevel@tonic-gate goto retry; 3027c478bd9Sstevel@tonic-gate } 3037c478bd9Sstevel@tonic-gate crhold(cr); 3047c478bd9Sstevel@tonic-gate crcopy_to(cr, newcr); 3057c478bd9Sstevel@tonic-gate p->p_cred = newcr; 3067c478bd9Sstevel@tonic-gate 307*f48205beScasper if (euid != -1) { 3087c478bd9Sstevel@tonic-gate newcr->cr_uid = euid; 309*f48205beScasper crsetsid(newcr, ksp, KSID_USER); 310*f48205beScasper } 3117c478bd9Sstevel@tonic-gate if (ruid != -1) { 3127c478bd9Sstevel@tonic-gate oldruid = newcr->cr_ruid; 3137c478bd9Sstevel@tonic-gate newcr->cr_ruid = ruid; 3147c478bd9Sstevel@tonic-gate ASSERT(ruid != oldruid ? uidchge : 1); 3157c478bd9Sstevel@tonic-gate } 3167c478bd9Sstevel@tonic-gate /* 3177c478bd9Sstevel@tonic-gate * "If the real uid is being changed, or the effective uid is 3187c478bd9Sstevel@tonic-gate * being changed to a value not equal to the real uid, the 3197c478bd9Sstevel@tonic-gate * saved uid is set to the new effective uid." 3207c478bd9Sstevel@tonic-gate */ 3217c478bd9Sstevel@tonic-gate if (ruid != -1 || 3227c478bd9Sstevel@tonic-gate (euid != -1 && newcr->cr_uid != newcr->cr_ruid)) 3237c478bd9Sstevel@tonic-gate newcr->cr_suid = newcr->cr_uid; 3247c478bd9Sstevel@tonic-gate /* 3257c478bd9Sstevel@tonic-gate * A process that gives up its privilege 3267c478bd9Sstevel@tonic-gate * must be marked to produce no core dump. 3277c478bd9Sstevel@tonic-gate */ 3287c478bd9Sstevel@tonic-gate if ((cr->cr_uid != newcr->cr_uid || 3297c478bd9Sstevel@tonic-gate cr->cr_ruid != newcr->cr_ruid || 3307c478bd9Sstevel@tonic-gate cr->cr_suid != newcr->cr_suid)) 3317c478bd9Sstevel@tonic-gate do_nocd = 1; 3327c478bd9Sstevel@tonic-gate 3337c478bd9Sstevel@tonic-gate crfree(cr); 3347c478bd9Sstevel@tonic-gate } 3357c478bd9Sstevel@tonic-gate mutex_exit(&p->p_crlock); 3367c478bd9Sstevel@tonic-gate 3377c478bd9Sstevel@tonic-gate /* 3387c478bd9Sstevel@tonic-gate * We decrement the number of processes associated with the oldruid 3397c478bd9Sstevel@tonic-gate * to match the increment above, even if the ruid of the process 3407c478bd9Sstevel@tonic-gate * did not change or an error occurred (oldruid == uid). 3417c478bd9Sstevel@tonic-gate */ 3427c478bd9Sstevel@tonic-gate if (uidchge) { 3437c478bd9Sstevel@tonic-gate ASSERT(oldruid != -1 && ruid != -1); 3447c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 3457c478bd9Sstevel@tonic-gate upcount_dec(oldruid, zoneid); 3467c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 3477c478bd9Sstevel@tonic-gate } 3487c478bd9Sstevel@tonic-gate 3497c478bd9Sstevel@tonic-gate if (error == 0) { 3507c478bd9Sstevel@tonic-gate if (do_nocd) { 3517c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock); 3527c478bd9Sstevel@tonic-gate p->p_flag |= SNOCD; 3537c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 3547c478bd9Sstevel@tonic-gate } 3557c478bd9Sstevel@tonic-gate crset(p, newcr); /* broadcast to process threads */ 3567c478bd9Sstevel@tonic-gate return (0); 3577c478bd9Sstevel@tonic-gate } 3587c478bd9Sstevel@tonic-gate crfree(newcr); 359*f48205beScasper if (ksp != NULL) 360*f48205beScasper ksid_rele(ksp); 3617c478bd9Sstevel@tonic-gate return (set_errno(error)); 3627c478bd9Sstevel@tonic-gate } 363