From 2eca11bcbab14703549d5f363a1aef5ea9a89bf1 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Thu, 1 Dec 2022 13:11:59 +0100 Subject: [PATCH] loopback: reject setting "slave-type"/"master" for "loopback" profiles A loopback interface cannot be attached to a controller interface (in kernel). Also, we have special handling for the loopback address 127.0.0.1. It's not clear how that should behave when the loopback device would be attached to another interface. Just reject such configuration as invalid. Fixes: e8618f03d7d8 ('support loopback interface') --- src/libnm-core-impl/nm-setting-loopback.c | 24 ++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/src/libnm-core-impl/nm-setting-loopback.c b/src/libnm-core-impl/nm-setting-loopback.c index ea777491a8..1451b411b7 100644 --- a/src/libnm-core-impl/nm-setting-loopback.c +++ b/src/libnm-core-impl/nm-setting-loopback.c @@ -70,9 +70,10 @@ static gboolean verify(NMSetting *setting, NMConnection *connection, GError **error) { if (connection) { - NMSettingIPConfig *s_ip4; - NMSettingIPConfig *s_ip6; - const char *method; + NMSettingIPConfig *s_ip4; + NMSettingIPConfig *s_ip6; + NMSettingConnection *s_con; + const char *method; if ((s_ip4 = nm_connection_get_setting_ip4_config(connection))) { if ((method = nm_setting_ip_config_get_method(s_ip4)) @@ -122,6 +123,23 @@ verify(NMSetting *setting, NMConnection *connection, GError **error) return FALSE; } } + + if ((s_con = nm_connection_get_setting_connection(connection))) { + if (nm_setting_connection_get_slave_type(s_con) + || nm_setting_connection_get_master(s_con)) { + g_set_error(error, + NM_CONNECTION_ERROR, + NM_CONNECTION_ERROR_INVALID_PROPERTY, + _("a loopback profile cannot be a port")); + g_prefix_error(error, + "%s.%s: ", + NM_SETTING_CONNECTION_SETTING_NAME, + nm_setting_connection_get_slave_type(s_con) + ? NM_SETTING_CONNECTION_SLAVE_TYPE + : NM_SETTING_CONNECTION_MASTER); + return FALSE; + } + } } return TRUE; }