diff --git a/sys/net/if.c b/sys/net/if.c --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1191,26 +1191,39 @@ * Move an ifnet to or from another child prison/vnet, specified by the jail id. */ static int -if_vmove_loan(struct thread *td, struct ifnet *ifp, char *ifname, int jid) +if_vmove_loan(struct thread *td, char *ifname, int jid) { struct prison *pr; - struct ifnet *difp; + struct ifnet *ifp, *difp; bool found; + MPASS(curthread == td); + MPASS(curvnet == TD_TO_VNET(td)); + + /* + * We check the existence of the interface, and will later try to + * unlink it from the "active" list, so it is sufficient to only + * hold a weak reference to it. + * Be aware that it is unsafe to access any member of it, until it + * is proven to be safe to ( say it was on the "active" list ). + */ + ifp = ifunit(ifname); + if (ifp == NULL) + return (ENXIO); + /* Try to find the prison within our visibility. */ sx_slock(&allprison_lock); pr = prison_find_child(td->td_ucred->cr_prison, jid); sx_sunlock(&allprison_lock); if (pr == NULL) return (ENXIO); - prison_hold_locked(pr); - mtx_unlock(&pr->pr_mtx); - - /* Do not try to move the iface from and to the same prison. */ - if (pr->pr_vnet == ifp->if_vnet) { - prison_free(pr); + /* Do not try to move the iface from and to the same vnet. */ + if (pr->pr_vnet == TD_TO_VNET(td)) { + mtx_unlock(&pr->pr_mtx); return (EEXIST); } + prison_hold_locked(pr); + mtx_unlock(&pr->pr_mtx); /* Make sure the named iface does not exists in the dst. prison/vnet. */ /* XXX Lock interfaces to avoid races. */ @@ -2580,15 +2593,6 @@ error = if_rename(ifp, new_name); break; -#ifdef VIMAGE - case SIOCSIFVNET: - error = priv_check(td, PRIV_NET_SETIFVNET); - if (error) - return (error); - error = if_vmove_loan(td, ifp, ifr->ifr_name, ifr->ifr_jid); - break; -#endif - case SIOCSIFMETRIC: error = priv_check(td, PRIV_NET_SETIFMETRIC); if (error) @@ -2876,6 +2880,12 @@ ifr = (struct ifreq *)data; switch (cmd) { #ifdef VIMAGE + case SIOCSIFVNET: + error = priv_check(td, PRIV_NET_SETIFVNET); + if (error == 0) + error = if_vmove_loan(td, ifr->ifr_name, ifr->ifr_jid); + goto out_noref; + case SIOCSIFRVNET: error = priv_check(td, PRIV_NET_SETIFVNET); if (error == 0)