authorJohn Turner <jturner.usa@gmail.com>2025-08-16 14:43:06 -0400
committerJohn Turner <jturner.usa@gmail.com>2025-08-16 14:43:06 -0400
commit58ffeaf9b49e662e49d24a2d71dcdc9fac2949f8 (patch)
tree84c645e32aac8eb468f41df33fbac7b0a8584887 /src/net
parentcfd55472db08f37b2123c350ce76fb3d916d25f6 (diff)
downloadselinux-policy-58ffeaf9b49e662e49d24a2d71dcdc9fac2949f8.tar.gz
auto format all files
Diffstat (limited to 'src/net')
-rw-r--r--src/net/ibnet.cil10
-rw-r--r--src/net/ibnet/endportibnet.cil62
-rw-r--r--src/net/ibnet/pkeyibnet.cil62
-rw-r--r--src/net/netifnet.cil86
-rw-r--r--src/net/nodenet.cil150
-rw-r--r--src/net/packetnet.cil162
-rw-r--r--src/net/peernet.cil90
-rw-r--r--src/net/portnet.cil130
-rw-r--r--src/net/portnet/ephemeralportnet.cil38
-rw-r--r--src/net/portnet/reservedportnet.cil38
-rw-r--r--src/net/portnet/unreservedportnet.cil46
-rw-r--r--src/net/spdnet.cil114
12 files changed, 494 insertions, 494 deletions
diff --git a/src/net/ibnet.cil b/src/net/ibnet.cil
index cda4939..9bef422 100644
--- a/src/net/ibnet.cil
+++ b/src/net/ibnet.cil
@@ -1,4 +1,4 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(in net
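Review bot: The new SPDX-FileCopyrightText line on the `+` side replaces the UTF-8 copyright sign `©` with the literal text `M-BM-)`, which is how `cat -v` renders the bytes 0xC2 0xA9, so the auto-formatter appears to have run the files through a non-UTF-8-safe step and written the escaped form back into the source. The same corruption appears in the header hunk of every other file in this diffstat (endportibnet.cil, pkeyibnet.cil, netifnet.cil, nodenet.cil, packetnet.cil, peernet.cil, portnet.cil). The line should be restored to `;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>`, and the formatter's locale/encoding handling checked so that a reformat cannot rewrite license and attribution metadata that SPDX/REUSE tooling parses.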
@@ -7,9 +7,9 @@
(block ib
- (block unconfined
+ (block unconfined
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr))))
+ (typeattribute typeattr))))
diff --git a/src/net/ibnet/endportibnet.cil b/src/net/ibnet/endportibnet.cil
index d942909..031f9b9 100644
--- a/src/net/ibnet/endportibnet.cil
+++ b/src/net/ibnet/endportibnet.cil
@@ -1,11 +1,11 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(class infiniband_endport (manage_subnet))
(classorder (unordered infiniband_endport))
(macro managesubnet_invalid_endports ((type ARG1))
- (allow ARG1 invalid (infiniband_endport (manage_subnet))))
+ (allow ARG1 invalid (infiniband_endport (manage_subnet))))
(in invalid.unconfined
@@ -14,8 +14,8 @@
(in mcs
(mlsconstrain (infiniband_endport (manage_subnet))
- (or (dom h1 h2)
- (neq t1 constrained.typeattr))))
+ (or (dom h1 h2)
+ (neq t1 constrained.typeattr))))
(in net.ib
@@ -23,53 +23,53 @@
(block endport
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (blockinherit all_macro_template)
+ (blockinherit all_macro_template)
- (call .obj.type (typeattr))
+ (call .obj.type (typeattr))
- (block all_macro_template
+ (block all_macro_template
- (blockabstract all_macro_template)
+ (blockabstract all_macro_template)
- (macro managesubnet_all_endports ((type ARG1))
- (allow ARG1 typeattr (infiniband_endport (manage_subnet)))))
+ (macro managesubnet_all_endports ((type ARG1))
+ (allow ARG1 typeattr (infiniband_endport (manage_subnet)))))
- (block base_template
+ (block base_template
- (blockabstract base_template)
+ (blockabstract base_template)
- (context endport_context (.sys.id .sys.role endport .sys.lowlow))
+ (context endport_context (.sys.id .sys.role endport .sys.lowlow))
- (type endport)
- (call .net.ib.endport.type (endport)))
+ (type endport)
+ (call .net.ib.endport.type (endport)))
- (block macro_template
+ (block macro_template
- (blockabstract macro_template)
+ (blockabstract macro_template)
- (macro managesubnet_endports ((type ARG1))
- (allow ARG1 endport (infiniband_endport (manage_subnet)))))
+ (macro managesubnet_endports ((type ARG1))
+ (allow ARG1 endport (infiniband_endport (manage_subnet)))))
- (block template
+ (block template
- (blockabstract template)
+ (blockabstract template)
- (blockinherit .net.ib.endport.base_template)
- (blockinherit .net.ib.endport.macro_template))
+ (blockinherit .net.ib.endport.base_template)
+ (blockinherit .net.ib.endport.macro_template))
- (block unconfined
+ (block unconfined
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (allow typeattr endport.typeattr (infiniband_endport (all))))))
+ (allow typeattr endport.typeattr (infiniband_endport (all))))))
(in net.ib.unconfined
diff --git a/src/net/ibnet/pkeyibnet.cil b/src/net/ibnet/pkeyibnet.cil
index 4908076..27d38c8 100644
--- a/src/net/ibnet/pkeyibnet.cil
+++ b/src/net/ibnet/pkeyibnet.cil
@@ -1,11 +1,11 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(class infiniband_pkey (access))
(classorder (unordered infiniband_pkey))
(macro access_invalid_pkeys ((type ARG1))
- (allow ARG1 invalid (infiniband_pkey (access))))
+ (allow ARG1 invalid (infiniband_pkey (access))))
(in invalid.unconfined
@@ -14,8 +14,8 @@
(in mcs
(mlsconstrain (infiniband_pkey (access))
- (or (dom h1 h2)
- (neq t1 constrained.typeattr))))
+ (or (dom h1 h2)
+ (neq t1 constrained.typeattr))))
(in net.ib
@@ -23,53 +23,53 @@
(block pkey
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (blockinherit all_macro_template)
+ (blockinherit all_macro_template)
- (call .obj.type (typeattr))
+ (call .obj.type (typeattr))
- (block all_macro_template
+ (block all_macro_template
- (blockabstract all_macro_template)
+ (blockabstract all_macro_template)
- (macro access_all_pkeys ((type ARG1))
- (allow ARG1 typeattr (infiniband_pkey (access)))))
+ (macro access_all_pkeys ((type ARG1))
+ (allow ARG1 typeattr (infiniband_pkey (access)))))
- (block base_template
+ (block base_template
- (blockabstract base_template)
+ (blockabstract base_template)
- (context pkey_context (.sys.id .sys.role pkey .sys.lowlow))
+ (context pkey_context (.sys.id .sys.role pkey .sys.lowlow))
- (type pkey)
- (call .net.ib.pkey.type (pkey)))
+ (type pkey)
+ (call .net.ib.pkey.type (pkey)))
- (block macro_template
+ (block macro_template
- (blockabstract macro_template)
+ (blockabstract macro_template)
- (macro access_pkeys ((type ARG1))
- (allow ARG1 pkey (infiniband_pkey (access)))))
+ (macro access_pkeys ((type ARG1))
+ (allow ARG1 pkey (infiniband_pkey (access)))))
- (block template
+ (block template
- (blockabstract template)
+ (blockabstract template)
- (blockinherit .net.ib.pkey.base_template)
- (blockinherit .net.ib.pkey.macro_template))
+ (blockinherit .net.ib.pkey.base_template)
+ (blockinherit .net.ib.pkey.macro_template))
- (block unconfined
+ (block unconfined
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (allow typeattr pkey.typeattr (infiniband_pkey (all))))))
+ (allow typeattr pkey.typeattr (infiniband_pkey (all))))))
(in net.ib.unconfined
diff --git a/src/net/netifnet.cil b/src/net/netifnet.cil
index af818e1..2a24282 100644
--- a/src/net/netifnet.cil
+++ b/src/net/netifnet.cil
@@ -1,4 +1,4 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(sidcontext netif (sys.id sys.role net.netif sys.lowlow))
@@ -7,18 +7,18 @@
(classorder (unordered netif))
(macro egress_invalid_netifs ((type ARG1))
- (allow ARG1 invalid (netif (egress))))
+ (allow ARG1 invalid (netif (egress))))
(macro egressingress_invalid_netifs ((type ARG1))
- (allow ARG1 invalid (netif (egress ingress))))
+ (allow ARG1 invalid (netif (egress ingress))))
(macro ingress_invalid_netifs ((type ARG1))
- (allow ARG1 invalid (netif (ingress))))
+ (allow ARG1 invalid (netif (ingress))))
(tunableif (or invalid_associations invalid_peers)
- (true
+ (true
- (call net.netif.egressingress_all_netifs (invalid))))
+ (call net.netif.egressingress_all_netifs (invalid))))
(in invalid.unconfined
@@ -27,8 +27,8 @@
(in mcs
(mlsconstrain (netif (egress ingress))
- (or (dom h1 h2)
- (neq t1 constrained.typeattr))))
+ (or (dom h1 h2)
+ (neq t1 constrained.typeattr))))
(in net
@@ -36,65 +36,65 @@
(block netif
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (blockinherit all_macro_template)
+ (blockinherit all_macro_template)
- (call .obj.type (typeattr))
+ (call .obj.type (typeattr))
- (block all_macro_template
+ (block all_macro_template
- (blockabstract all_macro_template)
+ (blockabstract all_macro_template)
- (macro egress_all_netifs ((type ARG1))
- (allow ARG1 typeattr (netif (egress))))
+ (macro egress_all_netifs ((type ARG1))
+ (allow ARG1 typeattr (netif (egress))))
- (macro egressingress_all_netifs ((type ARG1))
- (allow ARG1 typeattr (netif (egress ingress))))
+ (macro egressingress_all_netifs ((type ARG1))
+ (allow ARG1 typeattr (netif (egress ingress))))
- (macro ingress_all_netifs ((type ARG1))
- (allow ARG1 typeattr (netif (ingress)))))
+ (macro ingress_all_netifs ((type ARG1))
+ (allow ARG1 typeattr (netif (ingress)))))
- (block base_template
+ (block base_template
- (blockabstract base_template)
+ (blockabstract base_template)
- (context netif_context (.sys.id .sys.role netif .sys.lowlow))
+ (context netif_context (.sys.id .sys.role netif .sys.lowlow))
- (type netif)
- (call .net.netif.type (netif)))
+ (type netif)
+ (call .net.netif.type (netif)))
- (block macro_template
+ (block macro_template
- (blockabstract macro_template)
+ (blockabstract macro_template)
- (macro egress_netifs ((type ARG1))
- (allow ARG1 netif (netif (egress))))
+ (macro egress_netifs ((type ARG1))
+ (allow ARG1 netif (netif (egress))))
- (macro egressingress_netifs ((type ARG1))
- (allow ARG1 netif (netif (egress ingress))))
+ (macro egressingress_netifs ((type ARG1))
+ (allow ARG1 netif (netif (egress ingress))))
- (macro ingress_netifs ((type ARG1))
- (allow ARG1 netif (netif (ingress)))))
+ (macro ingress_netifs ((type ARG1))
+ (allow ARG1 netif (netif (ingress)))))
- (block template
+ (block template
- (blockabstract template)
+ (blockabstract template)
- (blockinherit .net.netif.base_template)
- (blockinherit .net.netif.macro_template))
+ (blockinherit .net.netif.base_template)
+ (blockinherit .net.netif.macro_template))
- (block unconfined
+ (block unconfined
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (allow typeattr netif.typeattr (netif (all))))))
+ (allow typeattr netif.typeattr (netif (all))))))
(in net.unconfined
diff --git a/src/net/nodenet.cil b/src/net/nodenet.cil
index 2f1fc55..dec1baa 100644
--- a/src/net/nodenet.cil
+++ b/src/net/nodenet.cil
@@ -1,4 +1,4 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(sidcontext node (sys.id sys.role net.netnode sys.lowlow))
@@ -7,18 +7,18 @@
(classorder (unordered node))
(macro recvfrom_invalid_nodes ((type ARG1))
- (allow ARG1 invalid (node (recvfrom))))
+ (allow ARG1 invalid (node (recvfrom))))
(macro recvfromsendto_invalid_nodes ((type ARG1))
- (allow ARG1 invalid (node (recvfrom sendto))))
+ (allow ARG1 invalid (node (recvfrom sendto))))
(macro sendto_invalid_nodes ((type ARG1))
- (allow ARG1 invalid (node (sendto))))
+ (allow ARG1 invalid (node (sendto))))
(tunableif (or invalid_associations invalid_peers)
- (true
+ (true
- (call net.netnode.recvfromsendto_all_nodes (invalid))))
+ (call net.netnode.recvfromsendto_all_nodes (invalid))))
(in invalid.unconfined
@@ -27,10 +27,10 @@
(in mcs
(mlsconstrain (node (recvfrom sendto))
- (or (dom h1 h2)
- (and
- (neq t1 constrained.typeattr)
- (neq t2 constrained.typeattr)))))
+ (or (dom h1 h2)
+ (and
+ (neq t1 constrained.typeattr)
+ (neq t2 constrained.typeattr)))))
(in net
@@ -38,107 +38,107 @@
(block netnode
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (blockinherit all_macro_template)
+ (blockinherit all_macro_template)
- (call .obj.type (typeattr))
+ (call .obj.type (typeattr))
- (block all_macro_template
+ (block all_macro_template
- (blockabstract all_macro_template)
+ (blockabstract all_macro_template)
- (macro nodebind_all_dccp_sockets ((type ARG1))
- (allow ARG1 typeattr (dccp_socket (node_bind))))
+ (macro nodebind_all_dccp_sockets ((type ARG1))
+ (allow ARG1 typeattr (dccp_socket (node_bind))))
- (macro nodebind_all_icmp_sockets ((type ARG1))
- (allow ARG1 typeattr (icmp_socket (node_bind))))
+ (macro nodebind_all_icmp_sockets ((type ARG1))
+ (allow ARG1 typeattr (icmp_socket (node_bind))))
- (macro nodebind_all_rawip_sockets ((type ARG1))
- (allow ARG1 typeattr (rawip_socket (node_bind))))
+ (macro nodebind_all_rawip_sockets ((type ARG1))
+ (allow ARG1 typeattr (rawip_socket (node_bind))))
- (macro nodebind_all_sctp_sockets ((type ARG1))
- (allow ARG1 typeattr (sctp_socket (node_bind))))
+ (macro nodebind_all_sctp_sockets ((type ARG1))
+ (allow ARG1 typeattr (sctp_socket (node_bind))))
- (macro nodebind_all_tcp_sockets ((type ARG1))
- (allow ARG1 typeattr (tcp_socket (node_bind))))
+ (macro nodebind_all_tcp_sockets ((type ARG1))
+ (allow ARG1 typeattr (tcp_socket (node_bind))))
- (macro nodebind_all_udp_sockets ((type ARG1))
- (allow ARG1 typeattr (udp_socket (node_bind))))
+ (macro nodebind_all_udp_sockets ((type ARG1))
+ (allow ARG1 typeattr (udp_socket (node_bind))))
- (macro recvfrom_all_nodes ((type ARG1))
- (allow ARG1 typeattr (node (recvfrom))))
+ (macro recvfrom_all_nodes ((type ARG1))
+ (allow ARG1 typeattr (node (recvfrom))))
- (macro recvfromsendto_all_nodes ((type ARG1))
- (allow ARG1 typeattr (node (recvfrom sendto))))
+ (macro recvfromsendto_all_nodes ((type ARG1))
+ (allow ARG1 typeattr (node (recvfrom sendto))))
- (macro sendto_all_nodes ((type ARG1))
- (allow ARG1 typeattr (node (sendto)))))
+ (macro sendto_all_nodes ((type ARG1))
+ (allow ARG1 typeattr (node (sendto)))))
- (block base_template
+ (block base_template
- (blockabstract base_template)
+ (blockabstract base_template)
- (context netnode_context (.sys.id .sys.role netnode .sys.lowlow))
+ (context netnode_context (.sys.id .sys.role netnode .sys.lowlow))
- (type netnode)
- (call .net.netnode.type (netnode)))
+ (type netnode)
+ (call .net.netnode.type (netnode)))
- (block macro_template
+ (block macro_template
- (blockabstract macro_template)
+ (blockabstract macro_template)
- (macro nodebind_netnode_dccp_sockets ((type ARG1))
- (allow ARG1 netnode (dccp_socket (node_bind))))
+ (macro nodebind_netnode_dccp_sockets ((type ARG1))
+ (allow ARG1 netnode (dccp_socket (node_bind))))
- (macro nodebind_netnode_icmp_sockets ((type ARG1))
- (allow ARG1 netnode (icmp_socket (node_bind))))
+ (macro nodebind_netnode_icmp_sockets ((type ARG1))
+ (allow ARG1 netnode (icmp_socket (node_bind))))
- (macro nodebind_netnode_rawip_sockets ((type ARG1))
- (allow ARG1 netnode (rawip_socket (node_bind))))
+ (macro nodebind_netnode_rawip_sockets ((type ARG1))
+ (allow ARG1 netnode (rawip_socket (node_bind))))
- (macro nodebind_netnode_sctp_sockets ((type ARG1))
- (allow ARG1 netnode (sctp_socket (node_bind))))
+ (macro nodebind_netnode_sctp_sockets ((type ARG1))
+ (allow ARG1 netnode (sctp_socket (node_bind))))
- (macro nodebind_netnode_tcp_sockets ((type ARG1))
- (allow ARG1 netnode (tcp_socket (node_bind))))
+ (macro nodebind_netnode_tcp_sockets ((type ARG1))
+ (allow ARG1 netnode (tcp_socket (node_bind))))
- (macro nodebind_netnode_udp_sockets ((type ARG1))
- (allow ARG1 netnode (udp_socket (node_bind))))
+ (macro nodebind_netnode_udp_sockets ((type ARG1))
+ (allow ARG1 netnode (udp_socket (node_bind))))
- (macro recvfrom_nodes ((type ARG1))
- (allow ARG1 netnode (node (recvfrom))))
+ (macro recvfrom_nodes ((type ARG1))
+ (allow ARG1 netnode (node (recvfrom))))
- (macro recvfromsendto_nodes ((type ARG1))
- (allow ARG1 netnode (node (recvfrom sendto))))
+ (macro recvfromsendto_nodes ((type ARG1))
+ (allow ARG1 netnode (node (recvfrom sendto))))
- (macro sendto_nodes ((type ARG1))
- (allow ARG1 netnode (node (sendto)))))
+ (macro sendto_nodes ((type ARG1))
+ (allow ARG1 netnode (node (sendto)))))
- (block template
+ (block template
- (blockabstract template)
+ (blockabstract template)
- (blockinherit .net.netnode.base_template)
- (blockinherit .net.netnode.macro_template))
+ (blockinherit .net.netnode.base_template)
+ (blockinherit .net.netnode.macro_template))
- (block unconfined
+ (block unconfined
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (allow typeattr netnode.typeattr (dccp_socket (node_bind)))
- (allow typeattr netnode.typeattr (icmp_socket (node_bind)))
- (allow typeattr netnode.typeattr (node (all)))
- (allow typeattr netnode.typeattr (rawip_socket (node_bind)))
- (allow typeattr netnode.typeattr (sctp_socket (node_bind)))
- (allow typeattr netnode.typeattr (tcp_socket (node_bind)))
- (allow typeattr netnode.typeattr (udp_socket (node_bind))))))
+ (allow typeattr netnode.typeattr (dccp_socket (node_bind)))
+ (allow typeattr netnode.typeattr (icmp_socket (node_bind)))
+ (allow typeattr netnode.typeattr (node (all)))
+ (allow typeattr netnode.typeattr (rawip_socket (node_bind)))
+ (allow typeattr netnode.typeattr (sctp_socket (node_bind)))
+ (allow typeattr netnode.typeattr (tcp_socket (node_bind)))
+ (allow typeattr netnode.typeattr (udp_socket (node_bind))))))
(in net.unconfined
diff --git a/src/net/packetnet.cil b/src/net/packetnet.cil
index afb0225..89f2d37 100644
--- a/src/net/packetnet.cil
+++ b/src/net/packetnet.cil
@@ -1,50 +1,50 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(class packet (forward_in forward_out recv relabelto send))
(classorder (unordered packet))
(macro forward_invalid_packets ((type ARG1))
- (allow ARG1 invalid (packet (forward_in forward_out))))
+ (allow ARG1 invalid (packet (forward_in forward_out))))
(macro forwardin_invalid_packets ((type ARG1))
- (allow ARG1 invalid (packet (forward_in))))
+ (allow ARG1 invalid (packet (forward_in))))
(macro forwardout_invalid_packets ((type ARG1))
- (allow ARG1 invalid (packet (forward_out))))
+ (allow ARG1 invalid (packet (forward_out))))
(macro recv_invalid_packets ((type ARG1))
- (allow ARG1 invalid (packet (recv))))
+ (allow ARG1 invalid (packet (recv))))
(macro recvsend_invalid_packets ((type ARG1))
- (allow ARG1 invalid (packet (recv send))))
+ (allow ARG1 invalid (packet (recv send))))
(macro relabelto_invalid_packets ((type ARG1))
- (allow ARG1 invalid (packet (relabelto))))
+ (allow ARG1 invalid (packet (relabelto))))
(macro send_invalid_packets ((type ARG1))
- (allow ARG1 invalid (packet (send))))
+ (allow ARG1 invalid (packet (send))))
(tunableif invalid_packets
- (true
+ (true
- (call forward_invalid_packets (invalidpackets.except.typeattr))
- (call recvsend_invalid_packets (invalidpackets.except.typeattr))))
+ (call forward_invalid_packets (invalidpackets.except.typeattr))
+ (call recvsend_invalid_packets (invalidpackets.except.typeattr))))
(tunableif (or invalid_associations invalid_peers)
- (true
+ (true
- (call forward_invalid_packets (invalid))
+ (call forward_invalid_packets (invalid))
- (call net.packet.forward_all_packets (invalid))))
+ (call net.packet.forward_all_packets (invalid))))
(in ibac
(constrain (packet (relabelto))
- (or (or (or (eq u1 u2)
- (and (eq t1 objchangesys.typeattr) (eq u2 .sys.id)))
- (eq t1 objchange.typeattr))
- (eq t1 exempt.typeattr))))
+ (or (or (or (eq u1 u2)
+ (and (eq t1 objchangesys.typeattr) (eq u2 .sys.id)))
+ (eq t1 objchange.typeattr))
+ (eq t1 exempt.typeattr))))
(in invalid.unconfined
@@ -53,23 +53,23 @@
(in mcs
(mlsconstrain (packet (relabelto))
- (or (neq t1 constrained.typeattr)
- (and (dom h1 h2) (eq l2 h2))))
+ (or (neq t1 constrained.typeattr)
+ (and (dom h1 h2) (eq l2 h2))))
(mlsconstrain (packet (forward_in forward_out send recv))
- (or (dom h1 h2)
- (and
- (neq t1 constrained.typeattr)
- (neq t2 constrained.typeattr)))))
+ (or (dom h1 h2)
+ (and
+ (neq t1 constrained.typeattr)
+ (neq t2 constrained.typeattr)))))
(in rbac
(constrain (packet (relabelto))
- (or (or (or (eq r1 r2)
- (and (eq t1 objchangesys.typeattr)
- (eq r2 .sys.role)))
- (eq t1 objchange.typeattr))
- (eq t1 exempt.typeattr))))
+ (or (or (or (eq r1 r2)
+ (and (eq t1 objchangesys.typeattr)
+ (eq r2 .sys.role)))
+ (eq t1 objchange.typeattr))
+ (eq t1 exempt.typeattr))))
(in net
@@ -77,91 +77,91 @@
(block packet
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (blockinherit all_macro_template)
+ (blockinherit all_macro_template)
- (call .mcs.constrained.type (typeattr))
+ (call .mcs.constrained.type (typeattr))
- (call .obj.type (typeattr))
+ (call .obj.type (typeattr))
- (block all_macro_template
+ (block all_macro_template
- (blockabstract all_macro_template)
+ (blockabstract all_macro_template)
- (macro forward_all_packets ((type ARG1))
- (allow ARG1 typeattr (packet (forward_in forward_out))))
+ (macro forward_all_packets ((type ARG1))
+ (allow ARG1 typeattr (packet (forward_in forward_out))))
- (macro forwardin_all_packets ((type ARG1))
- (allow ARG1 typeattr (packet (forward_in))))
+ (macro forwardin_all_packets ((type ARG1))
+ (allow ARG1 typeattr (packet (forward_in))))
- (macro forwardout_all_packets ((type ARG1))
- (allow ARG1 typeattr (packet (forward_out))))
+ (macro forwardout_all_packets ((type ARG1))
+ (allow ARG1 typeattr (packet (forward_out))))
- (macro recv_all_packets ((type ARG1))
- (allow ARG1 typeattr (packet (recv))))
+ (macro recv_all_packets ((type ARG1))
+ (allow ARG1 typeattr (packet (recv))))
- (macro recvsend_all_packets ((type ARG1))
- (allow ARG1 typeattr (packet (recv send))))
+ (macro recvsend_all_packets ((type ARG1))
+ (allow ARG1 typeattr (packet (recv send))))
- (macro relabelto_all_packets ((type ARG1))
- (allow ARG1 typeattr (packet (relabelto))))
+ (macro relabelto_all_packets ((type ARG1))
+ (allow ARG1 typeattr (packet (relabelto))))
- (macro send_all_packets ((type ARG1))
- (allow ARG1 typeattr (packet (send)))))
+ (macro send_all_packets ((type ARG1))
+ (allow ARG1 typeattr (packet (send)))))
- (block base_template
+ (block base_template
- (blockabstract base_template)
+ (blockabstract base_template)
- (context packet_context (.sys.id .sys.role packet .sys.lowlow))
+ (context packet_context (.sys.id .sys.role packet .sys.lowlow))
- (type packet)
- (call .net.packet.type (packet)))
+ (type packet)
+ (call .net.packet.type (packet)))
- (block macro_template
+ (block macro_template
- (blockabstract macro_template)
+ (blockabstract macro_template)
- (macro forward_packets ((type ARG1))
- (allow ARG1 packet (packet (forward_in forward_out))))
+ (macro forward_packets ((type ARG1))
+ (allow ARG1 packet (packet (forward_in forward_out))))
- (macro forwardin_packets ((type ARG1))
- (allow ARG1 packet (packet (forward_in))))
+ (macro forwardin_packets ((type ARG1))
+ (allow ARG1 packet (packet (forward_in))))
- (macro forwardout_packets ((type ARG1))
- (allow ARG1 packet (packet (forward_out))))
+ (macro forwardout_packets ((type ARG1))
+ (allow ARG1 packet (packet (forward_out))))
- (macro recv_packets ((type ARG1))
- (allow ARG1 packet (packet (recv))))
+ (macro recv_packets ((type ARG1))
+ (allow ARG1 packet (packet (recv))))
- (macro recvsend_packets ((type ARG1))
- (allow ARG1 packet (packet (recv send))))
+ (macro recvsend_packets ((type ARG1))
+ (allow ARG1 packet (packet (recv send))))
- (macro relabelto_packets ((type ARG1))
- (allow ARG1 packet (packet (relabelto))))
+ (macro relabelto_packets ((type ARG1))
+ (allow ARG1 packet (packet (relabelto))))
- (macro send_packets ((type ARG1))
- (allow ARG1 packet (packet (send)))))
+ (macro send_packets ((type ARG1))
+ (allow ARG1 packet (packet (send)))))
- (block template
+ (block template
- (blockabstract template)
+ (blockabstract template)
- (blockinherit .net.packet.base_template)
- (blockinherit .net.packet.macro_template))
+ (blockinherit .net.packet.base_template)
+ (blockinherit .net.packet.macro_template))
- (block unconfined
+ (block unconfined
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (allow typeattr packet.typeattr (packet (all))))))
+ (allow typeattr packet.typeattr (packet (all))))))
(in net.unconfined
diff --git a/src/net/peernet.cil b/src/net/peernet.cil
index f3f3564..d0ad803 100644
--- a/src/net/peernet.cil
+++ b/src/net/peernet.cil
@@ -1,4 +1,4 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(sidcontext netmsg (sys.id sys.role net.peer sys.lowlow))
@@ -7,14 +7,14 @@
(classorder (unordered peer))
(macro recv_invalid_peers ((type ARG1))
- (allow ARG1 invalid (peer (recv))))
+ (allow ARG1 invalid (peer (recv))))
(tunableif invalid_peers
- (true
+ (true
- (call association_invalid_sctp_sockets
- (invalidpeers.except.typeattr))
- (call recv_invalid_peers (invalidpeers.except.typeattr))))
+ (call association_invalid_sctp_sockets
+ (invalidpeers.except.typeattr))
+ (call recv_invalid_peers (invalidpeers.except.typeattr))))
(in invalid.unconfined
@@ -23,10 +23,10 @@
(in mcs
(mlsconstrain (peer (recv))
- (or (dom h1 h2)
- (and
- (neq t1 constrained.typeattr)
- (neq t2 constrained.typeattr)))))
+ (or (dom h1 h2)
+ (and
+ (neq t1 constrained.typeattr)
+ (neq t2 constrained.typeattr)))))
(in net
@@ -34,62 +34,62 @@
(block peer
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (blockinherit all_macro_template)
+ (blockinherit all_macro_template)
- (call .mcs.constrained.type (typeattr))
+ (call .mcs.constrained.type (typeattr))
- (call .obj.type (typeattr))
+ (call .obj.type (typeattr))
- (block all_macro_template
+ (block all_macro_template
- (blockabstract all_macro_template)
+ (blockabstract all_macro_template)
- (macro recv_all_peers ((type ARG1))
- (allow ARG1 typeattr (peer (recv))))
+ (macro recv_all_peers ((type ARG1))
+ (allow ARG1 typeattr (peer (recv))))
- (macro association_all_sctp_sockets ((type ARG1))
- (allow ARG1 typeattr (sctp_socket (association)))))
+ (macro association_all_sctp_sockets ((type ARG1))
+ (allow ARG1 typeattr (sctp_socket (association)))))
- (block base_template
+ (block base_template
- (blockabstract base_template)
+ (blockabstract base_template)
- (context peer_context (.sys.id .sys.role peer .sys.lowlow))
+ (context peer_context (.sys.id .sys.role peer .sys.lowlow))
- (type peer)
- (call .net.peer.type (peer)))
+ (type peer)
+ (call .net.peer.type (peer)))
- (block macro_template
+ (block macro_template
- (blockabstract macro_template)
+ (blockabstract macro_template)
- (macro recv_peers ((type ARG1))
- (allow ARG1 peer (peer (recv))))
+ (macro recv_peers ((type ARG1))
+ (allow ARG1 peer (peer (recv))))
- (macro association_peer_sctp_sockets ((type ARG1))
- (allow ARG1 peer (sctp_socket (association)))))
+ (macro association_peer_sctp_sockets ((type ARG1))
+ (allow ARG1 peer (sctp_socket (association)))))
- (block template
+ (block template
- (blockabstract template)
+ (blockabstract template)
- (blockinherit .net.peer.base_template)
- (blockinherit .net.peer.macro_template))
+ (blockinherit .net.peer.base_template)
+ (blockinherit .net.peer.macro_template))
- (block unconfined
+ (block unconfined
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (allow typeattr peer.typeattr (peer (all)))
- (allow typeattr peer.typeattr (sctp_socket (association))))))
+ (allow typeattr peer.typeattr (peer (all)))
+ (allow typeattr peer.typeattr (sctp_socket (association))))))
(in net.unconfined
@@ -98,12 +98,12 @@
(in subj
(macro recv_all_peers ((type ARG1))
- (allow ARG1 typeattr (peer (recv)))))
+ (allow ARG1 typeattr (peer (recv)))))
(in subj.macro_template
(macro recv_subj_peers ((type ARG1))
- (allow ARG1 subj (peer (recv)))))
+ (allow ARG1 subj (peer (recv)))))
(in subj.unconfined
diff --git a/src/net/portnet.cil b/src/net/portnet.cil
index 8547217..e1ea2b1 100644
--- a/src/net/portnet.cil
+++ b/src/net/portnet.cil
@@ -1,4 +1,4 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(sidcontext port (sys.id sys.role net.port sys.lowlow))
@@ -9,106 +9,106 @@
(block port
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (blockinherit all_macro_template)
+ (blockinherit all_macro_template)
- (call .obj.type (typeattr))
+ (call .obj.type (typeattr))
- (block all_macro_template
+ (block all_macro_template
- (blockabstract all_macro_template)
+ (blockabstract all_macro_template)
- (macro namebind_all_dccp_sockets ((type ARG1))
- (allow ARG1 typeattr (dccp_socket (name_bind))))
+ (macro namebind_all_dccp_sockets ((type ARG1))
+ (allow ARG1 typeattr (dccp_socket (name_bind))))
- (macro namebind_all_icmp_sockets ((type ARG1))
- (allow ARG1 typeattr (icmp_socket (name_bind))))
+ (macro namebind_all_icmp_sockets ((type ARG1))
+ (allow ARG1 typeattr (icmp_socket (name_bind))))
- (macro namebind_all_rawip_sockets ((type ARG1))
- (allow ARG1 typeattr (rawip_socket (name_bind))))
+ (macro namebind_all_rawip_sockets ((type ARG1))
+ (allow ARG1 typeattr (rawip_socket (name_bind))))
- (macro namebind_all_sctp_sockets ((type ARG1))
- (allow ARG1 typeattr (sctp_socket (name_bind))))
+ (macro namebind_all_sctp_sockets ((type ARG1))
+ (allow ARG1 typeattr (sctp_socket (name_bind))))
- (macro namebind_all_tcp_sockets ((type ARG1))
- (allow ARG1 typeattr (tcp_socket (name_bind))))
+ (macro namebind_all_tcp_sockets ((type ARG1))
+ (allow ARG1 typeattr (tcp_socket (name_bind))))
- (macro namebind_all_udp_sockets ((type ARG1))
- (allow ARG1 typeattr (udp_socket (name_bind))))
+ (macro namebind_all_udp_sockets ((type ARG1))
+ (allow ARG1 typeattr (udp_socket (name_bind))))
- (macro nameconnect_all_dccp_sockets ((type ARG1))
- (allow ARG1 typeattr (dccp_socket (name_connect))))
+ (macro nameconnect_all_dccp_sockets ((type ARG1))
+ (allow ARG1 typeattr (dccp_socket (name_connect))))
- (macro nameconnect_all_sctp_sockets ((type ARG1))
- (allow ARG1 typeattr (sctp_socket (name_connect))))
+ (macro nameconnect_all_sctp_sockets ((type ARG1))
+ (allow ARG1 typeattr (sctp_socket (name_connect))))
- (macro nameconnect_all_tcp_sockets ((type ARG1))
- (allow ARG1 typeattr (tcp_socket (name_connect)))))
+ (macro nameconnect_all_tcp_sockets ((type ARG1))
+ (allow ARG1 typeattr (tcp_socket (name_connect)))))
- (block base_template
+ (block base_template
- (blockabstract base_template)
+ (blockabstract base_template)
- (context port_context (.sys.id .sys.role port .sys.lowlow))
+ (context port_context (.sys.id .sys.role port .sys.lowlow))
- (type port)
- (call .net.port.type (port)))
+ (type port)
+ (call .net.port.type (port)))
- (block macro_template
+ (block macro_template
- (blockabstract macro_template)
+ (blockabstract macro_template)
- (macro namebind_port_dccp_sockets ((type ARG1))
- (allow ARG1 port (dccp_socket (name_bind))))
+ (macro namebind_port_dccp_sockets ((type ARG1))
+ (allow ARG1 port (dccp_socket (name_bind))))
- (macro namebind_port_icmp_sockets ((type ARG1))
- (allow ARG1 port (icmp_socket (name_bind))))
+ (macro namebind_port_icmp_sockets ((type ARG1))
+ (allow ARG1 port (icmp_socket (name_bind))))
- (macro namebind_port_rawip_sockets ((type ARG1))
- (allow ARG1 port (rawip_socket (name_bind))))
+ (macro namebind_port_rawip_sockets ((type ARG1))
+ (allow ARG1 port (rawip_socket (name_bind))))
- (macro namebind_port_sctp_sockets ((type ARG1))
- (allow ARG1 port (sctp_socket (name_bind))))
+ (macro namebind_port_sctp_sockets ((type ARG1))
+ (allow ARG1 port (sctp_socket (name_bind))))
- (macro namebind_port_tcp_sockets ((type ARG1))
- (allow ARG1 port (tcp_socket (name_bind))))
+ (macro namebind_port_tcp_sockets ((type ARG1))
+ (allow ARG1 port (tcp_socket (name_bind))))
- (macro namebind_port_udp_sockets ((type ARG1))
- (allow ARG1 port (udp_socket (name_bind))))
+ (macro namebind_port_udp_sockets ((type ARG1))
+ (allow ARG1 port (udp_socket (name_bind))))
- (macro nameconnect_port_dccp_sockets ((type ARG1))
- (allow ARG1 port (dccp_socket (name_connect))))
+ (macro nameconnect_port_dccp_sockets ((type ARG1))
+ (allow ARG1 port (dccp_socket (name_connect))))
- (macro nameconnect_port_sctp_sockets ((type ARG1))
- (allow ARG1 port (sctp_socket (name_connect))))
+ (macro nameconnect_port_sctp_sockets ((type ARG1))
+ (allow ARG1 port (sctp_socket (name_connect))))
- (macro nameconnect_port_tcp_sockets ((type ARG1))
- (allow ARG1 port (tcp_socket (name_connect)))))
+ (macro nameconnect_port_tcp_sockets ((type ARG1))
+ (allow ARG1 port (tcp_socket (name_connect)))))
- (block template
+ (block template
- (blockabstract template)
+ (blockabstract template)
- (blockinherit .net.port.base_template)
- (blockinherit .net.port.macro_template))
+ (blockinherit .net.port.base_template)
+ (blockinherit .net.port.macro_template))
- (block unconfined
+ (block unconfined
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (allow typeattr port.typeattr (dccp_socket (name_bind name_connect)))
- (allow typeattr port.typeattr (icmp_socket (name_bind)))
- (allow typeattr port.typeattr (rawip_socket (name_bind)))
- (allow typeattr port.typeattr (sctp_socket (name_bind name_connect)))
- (allow typeattr port.typeattr (tcp_socket (name_bind name_connect)))
- (allow typeattr port.typeattr (udp_socket (name_bind))))))
+ (allow typeattr port.typeattr (dccp_socket (name_bind name_connect)))
+ (allow typeattr port.typeattr (icmp_socket (name_bind)))
+ (allow typeattr port.typeattr (rawip_socket (name_bind)))
+ (allow typeattr port.typeattr (sctp_socket (name_bind name_connect)))
+ (allow typeattr port.typeattr (tcp_socket (name_bind name_connect)))
+ (allow typeattr port.typeattr (udp_socket (name_bind))))))
(in net.unconfined
diff --git a/src/net/portnet/ephemeralportnet.cil b/src/net/portnet/ephemeralportnet.cil
index 6f8f42e..abdcbb0 100644
--- a/src/net/portnet/ephemeralportnet.cil
+++ b/src/net/portnet/ephemeralportnet.cil
@@ -1,39 +1,39 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(block ephemeral
- (portcon "dccp" (32768 60999) port_context)
- (portcon "sctp" (32768 60999) port_context)
- (portcon "tcp" (32768 60999) port_context)
- (portcon "udp" (32768 60999) port_context)
+ (portcon "dccp" (32768 60999) port_context)
+ (portcon "sctp" (32768 60999) port_context)
+ (portcon "tcp" (32768 60999) port_context)
+ (portcon "udp" (32768 60999) port_context)
- (blockinherit .net.port.ephemeral.template))
+ (blockinherit .net.port.ephemeral.template))
(in net.port
(block ephemeral
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (blockinherit .net.port.all_macro_template)
+ (blockinherit .net.port.all_macro_template)
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (call .net.port.type (typeattr))
+ (call .net.port.type (typeattr))
- (block base_template
+ (block base_template
- (blockabstract base_template)
+ (blockabstract base_template)
- (blockinherit .net.port.base_template)
+ (blockinherit .net.port.base_template)
- (call .net.port.ephemeral.type (port)))
+ (call .net.port.ephemeral.type (port)))
- (block template
+ (block template
- (blockabstract template)
+ (blockabstract template)
- (blockinherit .net.port.ephemeral.base_template)
- (blockinherit .net.port.macro_template))))
+ (blockinherit .net.port.ephemeral.base_template)
+ (blockinherit .net.port.macro_template))))
diff --git a/src/net/portnet/reservedportnet.cil b/src/net/portnet/reservedportnet.cil
index b86c9fe..983c993 100644
--- a/src/net/portnet/reservedportnet.cil
+++ b/src/net/portnet/reservedportnet.cil
@@ -1,39 +1,39 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(block reserved
- (portcon "dccp" (1 1023) port_context)
- (portcon "sctp" (1 1023) port_context)
- (portcon "tcp" (1 1023) port_context)
- (portcon "udp" (1 1023) port_context)
+ (portcon "dccp" (1 1023) port_context)
+ (portcon "sctp" (1 1023) port_context)
+ (portcon "tcp" (1 1023) port_context)
+ (portcon "udp" (1 1023) port_context)
- (blockinherit .net.port.reserved.template))
+ (blockinherit .net.port.reserved.template))
(in net.port
(block reserved
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (blockinherit .net.port.all_macro_template)
+ (blockinherit .net.port.all_macro_template)
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (call .net.port.type (typeattr))
+ (call .net.port.type (typeattr))
- (block base_template
+ (block base_template
- (blockabstract base_template)
+ (blockabstract base_template)
- (blockinherit .net.port.base_template)
+ (blockinherit .net.port.base_template)
- (call .net.port.reserved.type (port)))
+ (call .net.port.reserved.type (port)))
- (block template
+ (block template
- (blockabstract template)
+ (blockabstract template)
- (blockinherit .net.port.macro_template)
- (blockinherit .net.port.reserved.base_template))))
+ (blockinherit .net.port.macro_template)
+ (blockinherit .net.port.reserved.base_template))))
diff --git a/src/net/portnet/unreservedportnet.cil b/src/net/portnet/unreservedportnet.cil
index 6359d64..c372493 100644
--- a/src/net/portnet/unreservedportnet.cil
+++ b/src/net/portnet/unreservedportnet.cil
@@ -1,43 +1,43 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(block unreserved
- (portcon "dccp" (1024 32767) port_context)
- (portcon "dccp" (61000 65535) port_context)
- (portcon "sctp" (1024 32767) port_context)
- (portcon "sctp" (61000 65535) port_context)
- (portcon "tcp" (1024 32767) port_context)
- (portcon "tcp" (61000 65535) port_context)
- (portcon "udp" (1024 32767) port_context)
- (portcon "udp" (61000 65535) port_context)
+ (portcon "dccp" (1024 32767) port_context)
+ (portcon "dccp" (61000 65535) port_context)
+ (portcon "sctp" (1024 32767) port_context)
+ (portcon "sctp" (61000 65535) port_context)
+ (portcon "tcp" (1024 32767) port_context)
+ (portcon "tcp" (61000 65535) port_context)
+ (portcon "udp" (1024 32767) port_context)
+ (portcon "udp" (61000 65535) port_context)
- (blockinherit .net.port.unreserved.template))
+ (blockinherit .net.port.unreserved.template))
(in net.port
(block unreserved
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (blockinherit .net.port.all_macro_template)
+ (blockinherit .net.port.all_macro_template)
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (call .net.port.type (typeattr))
+ (call .net.port.type (typeattr))
- (block base_template
+ (block base_template
- (blockabstract base_template)
+ (blockabstract base_template)
- (blockinherit .net.port.base_template)
+ (blockinherit .net.port.base_template)
- (call .net.port.unreserved.type (port)))
+ (call .net.port.unreserved.type (port)))
- (block template
+ (block template
- (blockabstract template)
+ (blockabstract template)
- (blockinherit .net.port.macro_template)
- (blockinherit .net.port.unreserved.base_template))))
+ (blockinherit .net.port.macro_template)
+ (blockinherit .net.port.unreserved.base_template))))
diff --git a/src/net/spdnet.cil b/src/net/spdnet.cil
index 668afb1..0d6c02e 100644
--- a/src/net/spdnet.cil
+++ b/src/net/spdnet.cil
@@ -1,34 +1,34 @@
-;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(class association (polmatch recvfrom sendto setcontext))
(classorder (unordered association))
(macro polmatch_invalid_associations ((type ARG1))
- (allow ARG1 invalid (association (polmatch))))
+ (allow ARG1 invalid (association (polmatch))))
(macro polmatchsetcontext_invalid_associations ((type ARG1))
- (allow ARG1 invalid (association (polmatch setcontext))))
+ (allow ARG1 invalid (association (polmatch setcontext))))
(macro recvfrom_invalid_associations ((type ARG1))
- (allow ARG1 invalid (association (recvfrom))))
+ (allow ARG1 invalid (association (recvfrom))))
(macro recvfromsendto_invalid_associations ((type ARG1))
- (allow ARG1 invalid (association (recvfrom sendto))))
+ (allow ARG1 invalid (association (recvfrom sendto))))
(macro sendto_invalid_associations ((type ARG1))
- (allow ARG1 invalid (association (sendto))))
+ (allow ARG1 invalid (association (sendto))))
(macro setcontext_invalid_associations ((type ARG1))
- (allow ARG1 invalid (association (setcontext))))
+ (allow ARG1 invalid (association (setcontext))))
(tunableif invalid_associations
- (true
+ (true
- (call association_invalid_sctp_sockets
- (invalidassociations.except.typeattr))
- (call recvfromsendto_invalid_associations
- (invalidassociations.except.typeattr))))
+ (call association_invalid_sctp_sockets
+ (invalidassociations.except.typeattr))
+ (call recvfromsendto_invalid_associations
+ (invalidassociations.except.typeattr))))
(in invalid.unconfined
@@ -37,10 +37,10 @@
(in mcs
(mlsconstrain (association (sendto recvfrom))
- (or (dom h1 h2)
- (and
- (neq t1 constrained.typeattr)
- (neq t2 constrained.typeattr)))))
+ (or (dom h1 h2)
+ (and
+ (neq t1 constrained.typeattr)
+ (neq t2 constrained.typeattr)))))
(in net
@@ -48,65 +48,65 @@
(block spd
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (blockinherit all_macro_template)
+ (blockinherit all_macro_template)
- (call .obj.type (typeattr))
+ (call .obj.type (typeattr))
- (block all_macro_template
+ (block all_macro_template
- (blockabstract all_macro_template)
+ (blockabstract all_macro_template)
- (macro polmatch_all_associations ((type ARG1))
- (allow ARG1 typeattr (association (polmatch))))
+ (macro polmatch_all_associations ((type ARG1))
+ (allow ARG1 typeattr (association (polmatch))))
- (macro polmatchsetcontext_all_associations ((type ARG1))
- (allow ARG1 typeattr (association (polmatch setcontext))))
+ (macro polmatchsetcontext_all_associations ((type ARG1))
+ (allow ARG1 typeattr (association (polmatch setcontext))))
- (macro setcontext_all_associations ((type ARG1))
- (allow ARG1 typeattr (association (setcontext)))))
+ (macro setcontext_all_associations ((type ARG1))
+ (allow ARG1 typeattr (association (setcontext)))))
- (block base_template
+ (block base_template
- (blockabstract base_template)
+ (blockabstract base_template)
- (context spd_context (.sys.id .sys.role spd .sys.lowlow))
+ (context spd_context (.sys.id .sys.role spd .sys.lowlow))
- (type spd)
- (call .net.spd.type (spd)))
+ (type spd)
+ (call .net.spd.type (spd)))
- (block macro_template
+ (block macro_template
- (blockabstract macro_template)
+ (blockabstract macro_template)
- (macro polmatch_spd_associations ((type ARG1))
- (allow ARG1 spd (association (polmatch))))
+ (macro polmatch_spd_associations ((type ARG1))
+ (allow ARG1 spd (association (polmatch))))
- (macro polmatchsetcontext_spd_associations ((type ARG1))
- (allow ARG1 spd (association (polmatch setcontext))))
+ (macro polmatchsetcontext_spd_associations ((type ARG1))
+ (allow ARG1 spd (association (polmatch setcontext))))
- (macro setcontext_spd_associations ((type ARG1))
- (allow ARG1 spd (association (setcontext)))))
+ (macro setcontext_spd_associations ((type ARG1))
+ (allow ARG1 spd (association (setcontext)))))
- (block template
+ (block template
- (blockabstract template)
+ (blockabstract template)
- (blockinherit .net.spd.base_template)
- (blockinherit .net.spd.macro_template))
+ (blockinherit .net.spd.base_template)
+ (blockinherit .net.spd.macro_template))
- (block unconfined
+ (block unconfined
- (macro type ((type ARG1))
- (typeattributeset typeattr ARG1))
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
- (typeattribute typeattr)
+ (typeattribute typeattr)
- (allow typeattr spd.typeattr (association (polmatch setcontext))))))
+ (allow typeattr spd.typeattr (association (polmatch setcontext))))))
(in net.unconfined
@@ -115,24 +115,24 @@
(in subj
(macro recvfrom_all_associations ((type ARG1))
- (allow ARG1 typeattr (association (recvfrom))))
+ (allow ARG1 typeattr (association (recvfrom))))
(macro recvfromsendto_all_associations ((type ARG1))
- (allow ARG1 typeattr (association (recvfrom sendto))))
+ (allow ARG1 typeattr (association (recvfrom sendto))))
(macro sendto_all_associations ((type ARG1))
- (allow ARG1 typeattr (association (sendto)))))
+ (allow ARG1 typeattr (association (sendto)))))
(in subj.macro_template
(macro recvfrom_subj_associations ((type ARG1))
- (allow ARG1 subj (association (recvfrom))))
+ (allow ARG1 subj (association (recvfrom))))
(macro recvfromsendto_subj_associations ((type ARG1))
- (allow ARG1 subj (association (recvfrom sendto))))
+ (allow ARG1 subj (association (recvfrom sendto))))
(macro sendto_subj_associations ((type ARG1))
- (allow ARG1 subj (association (sendto)))))
+ (allow ARG1 subj (association (sendto)))))
(in subj.unconfined