From bda89588bd7667394a834e8a9a34612cce2ae9c3 Mon Sep 17 00:00:00 2001
From: jp151216 <none@none>
Date: Fri, 4 Jan 2008 13:09:02 -0800
Subject: 6552639 Each zone should have it's own idmapd

---
 usr/src/uts/common/os/ipc.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'usr/src/uts/common/os/ipc.c')

diff --git a/usr/src/uts/common/os/ipc.c b/usr/src/uts/common/os/ipc.c
index 3e3a5b79cb..06324b140a 100644
--- a/usr/src/uts/common/os/ipc.c
+++ b/usr/src/uts/common/os/ipc.c
@@ -19,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -518,6 +518,7 @@ ipcperm_set(ipc_service_t *service, struct cred *cr,
 	uid_t uid;
 	gid_t gid;
 	mode_t mode;
+	zone_t *zone;
 
 	ASSERT(IPC_LOCKED(service, kperm));
 
@@ -529,7 +530,8 @@ ipcperm_set(ipc_service_t *service, struct cred *cr,
 	if (secpolicy_ipc_owner(cr, kperm) != 0)
 		return (EPERM);
 
-	if (!VALID_UID(uid) || !VALID_GID(gid))
+	zone = crgetzone(cr);
+	if (!VALID_UID(uid, zone) || !VALID_GID(gid, zone))
 		return (EINVAL);
 
 	kperm->ipc_uid = uid;
@@ -561,12 +563,16 @@ int
 ipcperm_set64(ipc_service_t *service, struct cred *cr,
     kipc_perm_t *kperm, ipc_perm64_t *perm64)
 {
+	zone_t *zone;
+
 	ASSERT(IPC_LOCKED(service, kperm));
 
 	if (secpolicy_ipc_owner(cr, kperm) != 0)
 		return (EPERM);
 
-	if (!VALID_UID(perm64->ipcx_uid) || !VALID_GID(perm64->ipcx_gid))
+	zone = crgetzone(cr);
+	if (!VALID_UID(perm64->ipcx_uid, zone) ||
+	    !VALID_GID(perm64->ipcx_gid, zone))
 		return (EINVAL);
 
 	kperm->ipc_uid = perm64->ipcx_uid;
-- 
cgit v1.2.3