Revert of bpf_dsl: decouple PolicyCompiler from Syscall

sandbox/linux/bpf_dsl/policy_compiler.h

Index: sandbox/linux/bpf_dsl/policy_compiler.h
diff --git a/sandbox/linux/bpf_dsl/policy_compiler.h b/sandbox/linux/bpf_dsl/policy_compiler.h
index d648c0290230a09e1e9ad3313ee04d90f3b08977..faf6be5c36257eef1723621fedee40430b9e9f99 100644
--- a/sandbox/linux/bpf_dsl/policy_compiler.h
+++ b/sandbox/linux/bpf_dsl/policy_compiler.h
@@ -33,10 +33,6 @@
   // Compile registers any trap handlers needed by the policy and
   // compiles the policy to a BPF program, which it returns.
   scoped_ptr<CodeGen::Program> Compile();
-
-  // DangerousSetEscapePC sets the "escape PC" that is allowed to issue any
-  // system calls, regardless of policy.
-  void DangerousSetEscapePC(uint64_t escapepc);
 
   // Error returns an ErrorCode to indicate the system call should fail with
   // the specified error number.
@@ -92,7 +88,7 @@
   CodeGen::Node CheckArch(CodeGen::Node passed);
 
   // If |has_unsafe_traps_| is true, returns an instruction sequence
-  // that allows all system calls from |escapepc_|, and otherwise
+  // that allows all system calls from Syscall::Call(), and otherwise
   // passes control to |rest|. Otherwise, simply returns |rest|.
   CodeGen::Node MaybeAddEscapeHatch(CodeGen::Node rest);
 
@@ -144,7 +140,6 @@
 
   const Policy* policy_;
   TrapRegistry* registry_;
-  uint64_t escapepc_;
 
   Conds conds_;
   CodeGen gen_;