Hi Andrew,

Andrew Doran wrote:

> The wrong credential is being used to authorize the request.
> 
> Accessing p_cred requires holding the corresponding lock which is not done
> here. As a result there is a race condition. For example, given the right
> conditions a non-root user could change the clock.

Right, my mistake -- sorry about that, and thanks for pointing it out.

Would you suggest to use mutex_enter()/mutex_exit() on p->p_mutex around
the kauth(9) calls that use it? or proc_representative_lwp()? (is it
even a valid substitution?)

Thanks,

-e.