Merge "Remove stutter." into main
diff --git a/libc/SECCOMP_ALLOWLIST_APP.TXT b/libc/SECCOMP_ALLOWLIST_APP.TXT
index 7e1ecde..80b15b2 100644
--- a/libc/SECCOMP_ALLOWLIST_APP.TXT
+++ b/libc/SECCOMP_ALLOWLIST_APP.TXT
@@ -4,36 +4,36 @@
# This file is processed by a python script named genseccomp.py.
# Needed for debugging 32-bit Chrome
-int pipe:pipe(int pipefd[2]) lp32
+int pipe(int pipefd[2]) lp32
# b/34651972
-int access:access(const char *pathname, int mode) lp32
-int stat64:stat64(const char*, struct stat64*) lp32
+int access(const char *pathname, int mode) lp32
+int stat64(const char*, struct stat64*) lp32
# b/34813887
-int open:open(const char *path, int oflag, ... ) lp32,x86_64
-int getdents:getdents(unsigned int fd, struct linux_dirent *dirp, unsigned int count) lp32,x86_64
+int open(const char *path, int oflag, ... ) lp32,x86_64
+int getdents(unsigned int fd, struct linux_dirent *dirp, unsigned int count) lp32,x86_64
# b/34719286
-int eventfd:eventfd(unsigned int initval, int flags) lp32
+int eventfd(unsigned int initval, int flags) lp32
# b/34817266
-int epoll_wait:epoll_wait(int epfd, struct epoll_event *events, int maxevents, int timeout) lp32
+int epoll_wait(int epfd, struct epoll_event *events, int maxevents, int timeout) lp32
# b/34908783
-int epoll_create:epoll_create(int size) lp32
+int epoll_create(int size) lp32
# b/34979910
-int creat:creat(const char *pathname, mode_t mode) lp32
-int unlink:unlink(const char *pathname) lp32
+int creat(const char *pathname, mode_t mode) lp32
+int unlink(const char *pathname) lp32
# b/35059702
-int lstat64:lstat64(const char*, struct stat64*) lp32
+int lstat64(const char*, struct stat64*) lp32
# b/35217603
-int fcntl:fcntl(int fd, int cmd, ... /* arg */ ) lp32
-pid_t fork:fork() lp32
-int poll:poll(struct pollfd *fds, nfds_t nfds, int timeout) lp32
+int fcntl(int fd, int cmd, ... /* arg */ ) lp32
+pid_t fork() lp32
+int poll(struct pollfd *fds, nfds_t nfds, int timeout) lp32
# b/35906875
int inotify_init() lp32
diff --git a/libc/SECCOMP_BLOCKLIST_APP.TXT b/libc/SECCOMP_BLOCKLIST_APP.TXT
index 049d577..b9ecc02 100644
--- a/libc/SECCOMP_BLOCKLIST_APP.TXT
+++ b/libc/SECCOMP_BLOCKLIST_APP.TXT
@@ -6,40 +6,39 @@
#
# This file is processed by a python script named genseccomp.py.
-# Note: Some privileged syscalls are still needed in app process after fork before uid change,
-# including capset and setresuid. This is because the seccomp filter must be installed while
-# the process still has CAP_SYS_ADMIN; changing the uid would remove that capability.
-
-# syscalls to modify IDs
-int setgid:setgid32(gid_t) lp32
-int setgid:setgid(gid_t) lp64
-int setuid:setuid32(uid_t) lp32
-int setuid:setuid(uid_t) lp64
-int setregid:setregid32(gid_t, gid_t) lp32
-int setregid:setregid(gid_t, gid_t) lp64
-int setreuid:setreuid32(uid_t, uid_t) lp32
-int setreuid:setreuid(uid_t, uid_t) lp64
-int setresgid:setresgid32(gid_t, gid_t, gid_t) lp32
-int setresgid:setresgid(gid_t, gid_t, gid_t) lp64
+# Syscalls to modify IDs.
+# Note: Some privileged syscalls are still needed in app_process after fork but
+# before uid change, including capset and setresuid. This is because the seccomp
+# filter must be installed while the process still has CAP_SYS_ADMIN; changing
+# the uid would remove that capability.
+int setgid32(gid_t) lp32
+int setgid(gid_t) lp64
+int setuid32(uid_t) lp32
+int setuid(uid_t) lp64
+int setregid32(gid_t, gid_t) lp32
+int setregid(gid_t, gid_t) lp64
+int setreuid32(uid_t, uid_t) lp32
+int setreuid(uid_t, uid_t) lp64
+int setresgid32(gid_t, gid_t, gid_t) lp32
+int setresgid(gid_t, gid_t, gid_t) lp64
# setresuid is explicitly allowed, see above.
-int setfsgid:setfsgid32(gid_t) lp32
-int setfsgid:setfsgid(gid_t) lp64
-int setfsuid:setfsuid32(uid_t) lp32
-int setfsuid:setfsuid(uid_t) lp64
-int setgroups:setgroups32(int, const gid_t*) lp32
-int setgroups:setgroups(int, const gid_t*) lp64
+int setfsgid32(gid_t) lp32
+int setfsgid(gid_t) lp64
+int setfsuid32(uid_t) lp32
+int setfsuid(uid_t) lp64
+int setgroups32(int, const gid_t*) lp32
+int setgroups(int, const gid_t*) lp64
-# syscalls to modify times
+# Syscalls to modify times.
int adjtimex(struct timex*) all
int clock_adjtime(clockid_t, struct timex*) all
int clock_settime(clockid_t, const struct timespec*) all
int settimeofday(const struct timeval*, const struct timezone*) all
int acct(const char* filepath) all
-int klogctl:syslog(int, char*, int) all
+int syslog(int, char*, int) all
int chroot(const char*) all
-# syscalls to change machine various configurations
int init_module(void*, unsigned long, const char*) all
int delete_module(const char*, unsigned int) all
int mount(const char*, const char*, const char*, unsigned long, const void*) all
@@ -48,4 +47,4 @@
int swapoff(const char*) all
int setdomainname(const char*, size_t) all
int sethostname(const char*, size_t) all
-int __reboot:reboot(int, int, int, void*) all
+int reboot(int, int, int, void*) all