From ddf7fe95b8ad67aa16deb427a0b78f4dd4ff22b1 Mon Sep 17 00:00:00 2001
From: casper <none@none>
Date: Mon, 3 Mar 2008 07:48:05 -0800
Subject: PSARC 2008/109 Fine Grained Access Permissions (FGAP) 6664443
 Implement PSARC/2008/109

---
 usr/src/uts/common/syscall/groups.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'usr/src/uts/common/syscall/groups.c')

diff --git a/usr/src/uts/common/syscall/groups.c b/usr/src/uts/common/syscall/groups.c
index 8273171d0c..3a46812f8a 100644
--- a/usr/src/uts/common/syscall/groups.c
+++ b/usr/src/uts/common/syscall/groups.c
@@ -89,17 +89,24 @@ setgroups(int gidsetsize, gid_t *gidset)
 	newcr = cralloc_ksid();
 	p = ttoproc(curthread);
 	mutex_enter(&p->p_crlock);
+retry:
 	cr = p->p_cred;
+	crhold(cr);
+	mutex_exit(&p->p_crlock);
 
 	if ((error = secpolicy_allow_setid(cr, -1, B_FALSE)) != 0) {
-		mutex_exit(&p->p_crlock);
 		if (groups != NULL)
 			kmem_free(groups, n * sizeof (gid_t));
 		if (ksl != NULL)
 			ksidlist_rele(ksl);
 		crfree(newcr);
+		crfree(cr);
 		return (set_errno(error));
 	}
+	mutex_enter(&p->p_crlock);
+	crfree(cr);
+	if (cr != p->p_cred)
+		goto retry;
 
 	crdup_to(cr, newcr);
 	crsetsidlist(newcr, ksl);
-- 
cgit v1.2.3