)]}'
{
  "commit": "cad3fde556297e2485dd59f4b8cea706a9404202",
  "tree": "ad7cc4d8a972c87520762a5bb74151b8b31390f9",
  "parents": [
    "7d698904b713098bfd469644432ba60107dbe7b0"
  ],
  "author": {
    "name": "Sergio Gómez",
    "email": "sergio.gdr@collabora.corp-partner.google.com",
    "time": "Thu Jun 26 23:43:10 2025"
  },
  "committer": {
    "name": "Chromeos LUCI",
    "email": "chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Tue Jul 15 13:43:03 2025"
  },
  "message": "seccomp: allow the clone3 syscall in seccomp policies\n\nWe currently only allow conditionally the clone3 syscall through the\n+clone3 USE flag. Gentoo removed this flag starting with glibc version\n2.36, since the last app that used the flag (Discord) fixed the issue\n(see https://bugs.gentoo.org/827386#c4).\nAlso, this syscall is implemented in all versions of our kernels (it was\nintroduced in v5.3), so it is safe to allow it.\n\nSince glibc internally forwards clone() to clone3(), we add clone3 to\nthe seccomp policies that already have a rule for clone.\n\nBUG\u003db:428902090\nTEST\u003drebuilt SDK and cros toolchain with clone3 enabled; boot on jacuzzi\nand drive for a while.\n\nChange-Id: I0119f0a882bdff89925d654ebd1d0f89871ebbd0\nReviewed-on: https://chromium-review.googlesource.com/c/aosp/platform/frameworks/ml/+/6695017\nReviewed-by: George Burgess \u003cgbiv@chromium.org\u003e\nReviewed-by: Jordan Abrahams-Whitehead \u003cajordanr@google.com\u003e\nCommit-Queue: Sergio Andres Gomez Del Real \u003csergio.gdr@collabora.corp-partner.google.com\u003e\nReviewed-by: Di Wu \u003cdiwux@google.com\u003e\nReviewed-by: Jim Pollock \u003cjmpollock@chromium.org\u003e\nTested-by: Sergio Andres Gomez Del Real \u003csergio.gdr@collabora.corp-partner.google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "5ca91cd7bdfc6de2b53698b700cb6b2c29b973f3",
      "old_mode": 33188,
      "old_path": "seccomp/nnapi-hal-driver-seccomp-amd64.policy",
      "new_id": "5702d760c37e27b7265ce6a10468160e2bde56ad",
      "new_mode": 33188,
      "new_path": "seccomp/nnapi-hal-driver-seccomp-amd64.policy"
    },
    {
      "type": "modify",
      "old_id": "bf816a0558962834889657f2438287b456818b7c",
      "old_mode": 33188,
      "old_path": "seccomp/nnapi-hal-driver-seccomp-arm.policy",
      "new_id": "753b97fcee47e58d5c199b0e26d123c1a48de1a1",
      "new_mode": 33188,
      "new_path": "seccomp/nnapi-hal-driver-seccomp-arm.policy"
    },
    {
      "type": "modify",
      "old_id": "c082a181d5ddb56aa0da580f64efc1f70201da1c",
      "old_mode": 33188,
      "old_path": "seccomp/nnapi-hal-driver-seccomp-arm64.policy",
      "new_id": "7635d8777ab1eb73864b81960b6da3003880aeba",
      "new_mode": 33188,
      "new_path": "seccomp/nnapi-hal-driver-seccomp-arm64.policy"
    }
  ]
}