    
OS-208 DTrace needs to use zone_did to match zone-limited enablings
    
      
    
    
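--- a/usr/src/uts/common/sys/cred.h
+++ b/usr/src/uts/common/sys/cred.h
@@ -1,193 +1,194 @@
 /*
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
  * Common Development and Distribution License (the "License").
  * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
  * See the License for the specific language governing permissions
  * and limitations under the License.
  *
  * When distributing Covered Code, include this CDDL HEADER in each
  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  * If applicable, add the following below this CDDL HEADER, with the
  * fields enclosed by brackets "[]" replaced with your own identifying
  * information: Portions Copyright [yyyy] [name of copyright owner]
  *
  * CDDL HEADER END
  */
 /*
  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
 /*      Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T     */
 /*        All Rights Reserved   */
 
 /*
  * Portions of this source code were derived from Berkeley 4.3 BSD
  * under license from the Regents of the University of California.
  */
 
 #ifndef _SYS_CRED_H
 #define _SYS_CRED_H
 
 #include <sys/types.h>
 
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
 /*
  * The credential is an opaque kernel private data structure defined in
  * <sys/cred_impl.h>.
  */
 
 typedef struct cred cred_t;
 
 #ifdef _KERNEL
 
 #define CRED()          curthread->t_cred
 
 struct proc;                            /* cred.h is included in proc.h */
 struct prcred;
 struct ksid;
 struct ksidlist;
 struct credklpd;
 struct credgrp;
 
 struct auditinfo_addr;                  /* cred.h is included in audit.h */
 
 extern int ngroups_max;
 /*
  * kcred is used when you need all privileges.
  */
 extern struct cred *kcred;
 
 extern void cred_init(void);
 extern void crhold(cred_t *);
 extern void crfree(cred_t *);
 extern cred_t *cralloc(void);           /* all but ref uninitialized */
 extern cred_t *cralloc_ksid(void);      /* cralloc() + ksid alloc'ed */
 extern cred_t *crget(void);             /* initialized */
 extern cred_t *crcopy(cred_t *);
 extern void crcopy_to(cred_t *, cred_t *);
 extern cred_t *crdup(cred_t *);
 extern void crdup_to(cred_t *, cred_t *);
 extern cred_t *crgetcred(void);
 extern void crset(struct proc *, cred_t *);
 extern void crset_zone_privall(cred_t *);
 extern int groupmember(gid_t, const cred_t *);
 extern int supgroupmember(gid_t, const cred_t *);
 extern int hasprocperm(const cred_t *, const cred_t *);
 extern int prochasprocperm(struct proc *, struct proc *, const cred_t *);
 extern int crcmp(const cred_t *, const cred_t *);
 extern cred_t *zone_kcred(void);
 
 extern uid_t crgetuid(const cred_t *);
 extern uid_t crgetruid(const cred_t *);
 extern uid_t crgetsuid(const cred_t *);
 extern gid_t crgetgid(const cred_t *);
 extern gid_t crgetrgid(const cred_t *);
 extern gid_t crgetsgid(const cred_t *);
 extern zoneid_t crgetzoneid(const cred_t *);
+extern zoneid_t crgetzonedid(const cred_t *);
 extern projid_t crgetprojid(const cred_t *);
 
 extern cred_t *crgetmapped(const cred_t *);
 
 
 extern const struct auditinfo_addr *crgetauinfo(const cred_t *);
 extern struct auditinfo_addr *crgetauinfo_modifiable(cred_t *);
 
 extern uint_t crgetref(const cred_t *);
 
 extern const gid_t *crgetgroups(const cred_t *);
 extern const gid_t *crgetggroups(const struct credgrp *);
 
 extern int crgetngroups(const cred_t *);
 
 /*
  * Sets real, effective and/or saved uid/gid;
  * -1 argument accepted as "no change".
  */
 extern int crsetresuid(cred_t *, uid_t, uid_t, uid_t);
 extern int crsetresgid(cred_t *, gid_t, gid_t, gid_t);
 
 /*
  * Sets real, effective and saved uids/gids all to the same
  * values.  Both values must be non-negative and <= MAXUID
  */
 extern int crsetugid(cred_t *, uid_t, gid_t);
 
 /*
  * Functions to handle the supplemental group list.
  */
 extern int crsetgroups(cred_t *, int, gid_t *);
 extern struct credgrp *crgrpcopyin(int, gid_t *);
 extern void crgrprele(struct credgrp *);
 extern void crsetcredgrp(cred_t *, struct credgrp *);
 
 /*
  * Private interface for setting zone association of credential.
  */
 struct zone;
 extern void crsetzone(cred_t *, struct zone *);
 extern struct zone *crgetzone(const cred_t *);
 
 /*
  * Private interface for setting project id in credential.
  */
 extern void crsetprojid(cred_t *, projid_t);
 
 /*
  * Private interface for nfs.
  */
 extern cred_t *crnetadjust(cred_t *);
 
 /*
  * Private interface for procfs.
  */
 extern void cred2prcred(const cred_t *, struct prcred *);
 
 /*
  * Private interfaces for Rampart Trusted Solaris.
  */
 struct ts_label_s;
 extern struct ts_label_s *crgetlabel(const cred_t *);
 extern boolean_t crisremote(const cred_t *);
 
 /*
  * Private interfaces for ephemeral uids.
  */
 #define VALID_UID(id, zn)                                       \
         ((id) <= MAXUID || valid_ephemeral_uid((zn), (id)))
 
 #define VALID_GID(id, zn)                                       \
         ((id) <= MAXUID || valid_ephemeral_gid((zn), (id)))
 
 extern boolean_t valid_ephemeral_uid(struct zone *, uid_t);
 extern boolean_t valid_ephemeral_gid(struct zone *, gid_t);
 
 extern int eph_uid_alloc(struct zone *, int, uid_t *, int);
 extern int eph_gid_alloc(struct zone *, int, gid_t *, int);
 
 extern void crsetsid(cred_t *, struct ksid *, int);
 extern void crsetsidlist(cred_t *, struct ksidlist *);
 
 extern struct ksid *crgetsid(const cred_t *, int);
 extern struct ksidlist *crgetsidlist(const cred_t *);
 
 extern int crsetpriv(cred_t *, ...);
 
 extern struct credklpd *crgetcrklpd(const cred_t *);
 extern void crsetcrklpd(cred_t *, struct credklpd *);
 
 #endif  /* _KERNEL */
 
 #ifdef  __cplusplus
 }
 #endif
 
 #endif  /* _SYS_CRED_H */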
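Review bot: The new `crgetzonedid()` prototype (new line 96) is added without a comment and returns the same `zoneid_t` as `crgetzoneid()` directly above it, so nothing at compile time stops a caller from comparing a zone id against a debug id. Since the commit title says DTrace will use this value to match zone-limited enablings, a mix-up would presumably make an enabling match the wrong zone or none at all, which is a visibility-boundary concern. I would add a comment above the declaration such as `/* zone_did (debug id) of the cred's zone; not interchangeable with crgetzoneid() */`. The definition is outside this section, so it is worth confirming that it handles a credential with no zone attached the same way `crgetzoneid()` does.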