forbid circular proxying

solves QubesOS/qubes-issues/issues/9064

qubesctap/client/qctap_proxy.py

@@ -27,6 +27,7 @@
 import itertools
 import logging
 import signal
+import platform
 
 from fido2.ctap1 import APDU, ApduError, RegistrationData, SignatureData
 from fido2.ctap2 import AssertionResponse, AttestationResponse, Ctap2
@@ -39,6 +40,10 @@
 from qubesctap.util import int_to_bytes
 
 
+class ArgumentError(RuntimeError):
+    pass
+
+
 class CTAPHIDQrexecDevice(hidemu.CTAPHIDDevice):
     """U2DHIDDevice proxied over qrexec"""
     qrexec_client = const.QREXEC_CLIENT
@@ -48,8 +53,13 @@ def __init__(self, vmname, *, name=None, **kwargs):
         if name is None:
             name = f'Qubes OS CTAP proxy to {vmname}'
         super().__init__(name=name, **kwargs)
+        if platform.node() == vmname:
+            raise ArgumentError(
+                f"Can't proxy CTAP messages circularly {vmname}->{vmname}. "
+                "Exiting.")
         self.vmname = vmname
 
+
     async def qrexec_transaction(self, request: RequestWrapper, rpcname: str):
         """Execute one transaction over qrexec"""
         self.log.getChild('qrexec').debug(