diff options
Diffstat (limited to 'src/net/peernet.cil')
| -rw-r--r-- | src/net/peernet.cil | 90 |
1 files changed, 45 insertions, 45 deletions
diff --git a/src/net/peernet.cil b/src/net/peernet.cil index f3f3564..d0ad803 100644 --- a/src/net/peernet.cil +++ b/src/net/peernet.cil @@ -1,4 +1,4 @@ -;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl> +;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl> ;; SPDX-License-Identifier: Unlicense (sidcontext netmsg (sys.id sys.role net.peer sys.lowlow)) @@ -7,14 +7,14 @@ (classorder (unordered peer)) (macro recv_invalid_peers ((type ARG1)) - (allow ARG1 invalid (peer (recv)))) + (allow ARG1 invalid (peer (recv)))) (tunableif invalid_peers - (true + (true - (call association_invalid_sctp_sockets - (invalidpeers.except.typeattr)) - (call recv_invalid_peers (invalidpeers.except.typeattr)))) + (call association_invalid_sctp_sockets + (invalidpeers.except.typeattr)) + (call recv_invalid_peers (invalidpeers.except.typeattr)))) (in invalid.unconfined @@ -23,10 +23,10 @@ (in mcs (mlsconstrain (peer (recv)) - (or (dom h1 h2) - (and - (neq t1 constrained.typeattr) - (neq t2 constrained.typeattr))))) + (or (dom h1 h2) + (and + (neq t1 constrained.typeattr) + (neq t2 constrained.typeattr))))) (in net @@ -34,62 +34,62 @@ (block peer - (macro type ((type ARG1)) - (typeattributeset typeattr ARG1)) + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) - (typeattribute typeattr) + (typeattribute typeattr) - (blockinherit all_macro_template) + (blockinherit all_macro_template) - (call .mcs.constrained.type (typeattr)) + (call .mcs.constrained.type (typeattr)) - (call .obj.type (typeattr)) + (call .obj.type (typeattr)) - (block all_macro_template + (block all_macro_template - (blockabstract all_macro_template) + (blockabstract all_macro_template) - (macro recv_all_peers ((type ARG1)) - (allow ARG1 typeattr (peer (recv)))) + (macro recv_all_peers ((type ARG1)) + (allow ARG1 typeattr (peer (recv)))) - (macro association_all_sctp_sockets ((type ARG1)) - (allow ARG1 typeattr (sctp_socket (association))))) + (macro association_all_sctp_sockets ((type ARG1)) + (allow ARG1 typeattr (sctp_socket (association))))) - (block base_template + (block base_template - (blockabstract base_template) + (blockabstract base_template) - (context peer_context (.sys.id .sys.role peer .sys.lowlow)) + (context peer_context (.sys.id .sys.role peer .sys.lowlow)) - (type peer) - (call .net.peer.type (peer))) + (type peer) + (call .net.peer.type (peer))) - (block macro_template + (block macro_template - (blockabstract macro_template) + (blockabstract macro_template) - (macro recv_peers ((type ARG1)) - (allow ARG1 peer (peer (recv)))) + (macro recv_peers ((type ARG1)) + (allow ARG1 peer (peer (recv)))) - (macro association_peer_sctp_sockets ((type ARG1)) - (allow ARG1 peer (sctp_socket (association))))) + (macro association_peer_sctp_sockets ((type ARG1)) + (allow ARG1 peer (sctp_socket (association))))) - (block template + (block template - (blockabstract template) + (blockabstract template) - (blockinherit .net.peer.base_template) - (blockinherit .net.peer.macro_template)) + (blockinherit .net.peer.base_template) + (blockinherit .net.peer.macro_template)) - (block unconfined + (block unconfined - (macro type ((type ARG1)) - (typeattributeset typeattr ARG1)) + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) - (typeattribute typeattr) + (typeattribute typeattr) - (allow typeattr peer.typeattr (peer (all))) - (allow typeattr peer.typeattr (sctp_socket (association)))))) + (allow typeattr peer.typeattr (peer (all))) + (allow typeattr peer.typeattr (sctp_socket (association)))))) (in net.unconfined @@ -98,12 +98,12 @@ (in subj (macro recv_all_peers ((type ARG1)) - (allow ARG1 typeattr (peer (recv))))) + (allow ARG1 typeattr (peer (recv))))) (in subj.macro_template (macro recv_subj_peers ((type ARG1)) - (allow ARG1 subj (peer (recv))))) + (allow ARG1 subj (peer (recv))))) (in subj.unconfined |