platform_bionic/libc/SECCOMP_BLOCKLIST_COMMON.TXT

# This file is used to populate seccomp's allowlist policy in combination with SYSCALLS.TXT.
# Note that the resultant policy is applied only to zygote spawned processes.
#
# The final seccomp allowlist is SYSCALLS.TXT - SECCOMP_BLOCKLIST.TXT + SECCOMP_ALLOWLIST.TXT
# Any entry in the blocklist must be in the syscalls file and not be in the allowlist file
#
# This file is processed by a python script named genseccomp.py.

int     swapon(const char*, int) all
int     swapoff(const char*) all
Use more inclusive language for seccomp filter blacklist and whitelist are replaced with blocklist and allowlist respectively. Test: CtsSeccompHostTestCases Change-Id: I39d9eda89038d1addbdaed59284a254a34cea1c6 2020-06-15 18:29:07 +02:00			`# This file is used to populate seccomp's allowlist policy in combination with SYSCALLS.TXT.`
			`# Note that the resultant policy is applied only to zygote spawned processes.`
			`#`
			`# The final seccomp allowlist is SYSCALLS.TXT - SECCOMP_BLOCKLIST.TXT + SECCOMP_ALLOWLIST.TXT`
			`# Any entry in the blocklist must be in the syscalls file and not be in the allowlist file`
			`#`
			`# This file is processed by a python script named genseccomp.py.`

			`int swapon(const char*, int) all`
			`int swapoff(const char*) all`