Add set{u,g}id syscalls (#510)

Signed-off-by: Alex Saveau <saveau.alexandre@gmail.com>

Author: SUPERCILEX

src/backend/libc/thread/syscalls.rs

@@ -319,3 +319,17 @@ pub(crate) fn capset(
     let header: *mut _ = header;
     unsafe { syscall_ret(c::syscall(c::SYS_capset, header, data.as_ptr())) }
 }
+
+#[cfg(any(target_os = "android", target_os = "linux"))]
+#[inline]
+#[must_use]
+pub(crate) fn setuid_thread(uid: crate::process::Uid) -> io::Result<()> {
+    unsafe { syscall_ret(c::syscall(c::SYS_setuid, uid.as_raw())) }
+}
+
+#[cfg(any(target_os = "android", target_os = "linux"))]
+#[inline]
+#[must_use]
+pub(crate) fn setgid_thread(gid: crate::process::Gid) -> io::Result<()> {
+    unsafe { syscall_ret(c::syscall(c::SYS_setgid, gid.as_raw())) }
+}

src/backend/linux_raw/conv.rs

@@ -699,6 +699,20 @@ impl<'a, Num: ArgNumber> From<crate::backend::fs::types::UnmountFlags> for ArgRe
     }
 }
 
+impl<'a, Num: ArgNumber> From<crate::process::Uid> for ArgReg<'a, Num> {
+    #[inline]
+    fn from(t: crate::process::Uid) -> Self {
+        c_uint(t.as_raw())
+    }
+}
+
+impl<'a, Num: ArgNumber> From<crate::process::Gid> for ArgReg<'a, Num> {
+    #[inline]
+    fn from(t: crate::process::Gid) -> Self {
+        c_uint(t.as_raw())
+    }
+}
+
 /// Convert a `usize` returned from a syscall that effectively returns `()` on
 /// success.
 ///

src/backend/linux_raw/thread/syscalls.rs

@@ -314,3 +314,13 @@ pub(crate) fn capset(
     let header: *mut _ = header;
     unsafe { ret(syscall!(__NR_capset, header, data.as_ptr())) }
 }
+
+#[inline]
+pub(crate) fn setuid_thread(uid: crate::process::Uid) -> io::Result<()> {
+    unsafe { ret(syscall_readonly!(__NR_setuid, uid)) }
+}
+
+#[inline]
+pub(crate) fn setgid_thread(gid: crate::process::Gid) -> io::Result<()> {
+    unsafe { ret(syscall_readonly!(__NR_setgid, gid)) }
+}

src/thread/id.rs

@@ -1,5 +1,5 @@
-use crate::backend;
-use crate::process::Pid;
+use crate::process::{Gid, Pid, Uid};
+use crate::{backend, io};
 
 /// `gettid()`—Returns the thread ID.
 ///
@@ -15,3 +15,53 @@ use crate::process::Pid;
 pub fn gettid() -> Pid {
     backend::thread::syscalls::gettid()
 }
+
+/// `setuid(uid)`
+///
+/// # Warning
+///
+/// This is not the setxid you are looking for... POSIX requires xids to be
+/// process granular, but on Linux they are per-thread. Thus, this call only
+/// changes the xid for the current *thread*, not the entire process even though
+/// that is in violation of the POSIX standard.
+///
+/// For details on this distinction, see the C library vs. kernel differences in
+/// the [man page][linux_notes]. This call implements the kernel behavior.
+///
+/// # References
+///  - [POSIX]
+///  - [Linux]
+///
+/// [POSIX]: https://pubs.opengroup.org/onlinepubs/9699919799/functions/setuid.html
+/// [Linux]: https://man7.org/linux/man-pages/man2/setuid.2.html
+/// [linux_notes]: https://man7.org/linux/man-pages/man2/setuid.2.html#NOTES
+#[inline]
+#[must_use]
+pub fn set_thread_uid(uid: Uid) -> io::Result<()> {
+    backend::thread::syscalls::setuid_thread(uid)
+}
+
+/// `setgid(gid)`
+///
+/// # Warning
+///
+/// This is not the setxid you are looking for... POSIX requires xids to be
+/// process granular, but on Linux they are per-thread. Thus, this call only
+/// changes the xid for the current *thread*, not the entire process even though
+/// that is in violation of the POSIX standard.
+///
+/// For details on this distinction, see the C library vs. kernel differences in
+/// the [man page][linux_notes]. This call implements the kernel behavior.
+///
+/// # References
+///  - [POSIX]
+///  - [Linux]
+///
+/// [POSIX]: https://pubs.opengroup.org/onlinepubs/9699919799/functions/setgid.html
+/// [Linux]: https://man7.org/linux/man-pages/man2/setgid.2.html
+/// [linux_notes]: https://man7.org/linux/man-pages/man2/setgid.2.html#NOTES
+#[inline]
+#[must_use]
+pub fn set_thread_gid(gid: Gid) -> io::Result<()> {
+    backend::thread::syscalls::setgid_thread(gid)
+}

src/thread/mod.rs

@@ -30,7 +30,7 @@ pub use clock::{nanosleep, NanosleepRelativeResult, Timespec};
 #[cfg(linux_raw)]
 pub use futex::{futex, FutexFlags, FutexOperation};
 #[cfg(any(target_os = "android", target_os = "linux"))]
-pub use id::gettid;
+pub use id::{gettid, set_thread_gid, set_thread_uid};
 #[cfg(any(target_os = "android", target_os = "linux"))]
 pub use libcap::{capabilities, set_capabilities, CapabilityFlags, CapabilitySets};
 #[cfg(any(target_os = "android", target_os = "linux"))]

tests/thread/id.rs

@@ -1,7 +1,16 @@
-use rustix::thread;
+use rustix::{process, thread};
 
-#[cfg(any(target_os = "android", target_os = "linux"))]
 #[test]
 fn test_gettid() {
     assert_eq!(thread::gettid(), thread::gettid());
 }
+
+#[test]
+fn test_setuid() {
+    thread::set_thread_uid(process::getuid()).unwrap();
+}
+
+#[test]
+fn test_setgid() {
+    thread::set_thread_gid(process::getgid()).unwrap();
+}