diff --git a/bin/clippy b/bin/clippy
index 0e930793c0..5a2626707e 100755
--- a/bin/clippy
+++ b/bin/clippy
@@ -59,7 +59,6 @@ SUPPRESS=(
     field_reassign_with_default
 
     # We don't care about these lints. Okay to remain suppressed globally.
-    blacklisted_name
     cast_lossless
     cognitive_complexity
     enum_variant_names
diff --git a/devices/src/virtio/fs/passthrough.rs b/devices/src/virtio/fs/passthrough.rs
index dfeee627aa..383a551621 100644
--- a/devices/src/virtio/fs/passthrough.rs
+++ b/devices/src/virtio/fs/passthrough.rs
@@ -2267,15 +2267,15 @@ mod tests {
         strip_xattr_prefix(&mut actual);
         assert_eq!(&actual[..], &no_strippable_names[..]);
 
-        let only_strippable_names = b"user.virtiofs.security.sehash\0user.virtiofs.security.wtf\0";
+        let only_strippable_names = b"user.virtiofs.security.sehash\0user.virtiofs.security.wat\0";
         let mut actual = only_strippable_names.to_vec();
         strip_xattr_prefix(&mut actual);
-        assert_eq!(&actual[..], b"security.sehash\0security.wtf\0");
+        assert_eq!(&actual[..], b"security.sehash\0security.wat\0");
 
-        let mixed_names = b"user.virtiofs.security.sehash\0security.selinux\0user.virtiofs.security.wtf\0user.foobar\0";
+        let mixed_names = b"user.virtiofs.security.sehash\0security.selinux\0user.virtiofs.security.wat\0user.foobar\0";
         let mut actual = mixed_names.to_vec();
         strip_xattr_prefix(&mut actual);
-        let expected = b"security.sehash\0security.selinux\0security.wtf\0user.foobar\0";
+        let expected = b"security.sehash\0security.selinux\0security.wat\0user.foobar\0";
         assert_eq!(&actual[..], &expected[..]);
 
         let no_nul_with_prefix = b"user.virtiofs.security.sehash";
diff --git a/disk/src/qcow/mod.rs b/disk/src/qcow/mod.rs
index 3a3ef97641..c4373132da 100644
--- a/disk/src/qcow/mod.rs
+++ b/disk/src/qcow/mod.rs
@@ -1916,7 +1916,7 @@ mod tests {
     }
 
     #[test]
-    fn test_header_crazy_file_size_rejected() {
+    fn test_header_excessive_file_size_rejected() {
         let mut header = valid_header();
         &mut header[24..32].copy_from_slice(&[0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1e]);
         with_basic_file(&header, |disk_file: File| {
@@ -1969,7 +1969,7 @@ mod tests {
         let mut header = valid_header();
         &mut header[56..60].copy_from_slice(&[0x02, 0x00, 0xe8, 0xff]);
         with_basic_file(&header, |disk_file: File| {
-            QcowFile::from(disk_file).expect_err("Created disk with crazy refcount clusters");
+            QcowFile::from(disk_file).expect_err("Created disk with excessive refcount clusters");
         });
     }
 
@@ -1978,7 +1978,7 @@ mod tests {
         let mut header = valid_header();
         &mut header[48..56].copy_from_slice(&[0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x02, 0x00]);
         with_basic_file(&header, |disk_file: File| {
-            QcowFile::from(disk_file).expect_err("Created disk with crazy refcount offset");
+            QcowFile::from(disk_file).expect_err("Created disk with excessive refcount offset");
         });
     }
 
diff --git a/docs/architecture.md b/docs/architecture.md
index 064826c68a..a4b88b5db5 100644
--- a/docs/architecture.md
+++ b/docs/architecture.md
@@ -19,7 +19,7 @@ A typical session of crosvm starts in `main.rs` where command line parsing is do
 
 ## Forking
 
-During the device creation routine, each device will be created and then wrapped in a `ProxyDevice` which will internally `fork` (but not `exec`) and [minijail] the device, while dropping it for the main process. The only interaction that the device is capable of having with the main process is via the proxied trait methods of `BusDevice`, shared memory mappings such as the guest memory, and file descriptors that were specifically whitelisted by that device's security policy. This can lead to some surprising behavior to be aware of such as why some file descriptors which were once valid are now invalid.
+During the device creation routine, each device will be created and then wrapped in a `ProxyDevice` which will internally `fork` (but not `exec`) and [minijail] the device, while dropping it for the main process. The only interaction that the device is capable of having with the main process is via the proxied trait methods of `BusDevice`, shared memory mappings such as the guest memory, and file descriptors that were specifically allowed by that device's security policy. This can lead to some surprising behavior to be aware of such as why some file descriptors which were once valid are now invalid.
 
 ## Sandboxing Policy
 
diff --git a/kvm_sys/tests/sanity.rs b/kvm_sys/tests/basic.rs
similarity index 100%
rename from kvm_sys/tests/sanity.rs
rename to kvm_sys/tests/basic.rs
diff --git a/unblocked_terms.txt b/unblocked_terms.txt
index bd18c8d549..69af134388 100644
--- a/unblocked_terms.txt
+++ b/unblocked_terms.txt
@@ -3,33 +3,8 @@
 #
 # See repohooks/README.md for more details.
 
-# black.?hat
-black.?list
-# build.?cop
-crazy
-# cripple
 dummy
-# first.?class.?citizen
-# grandfathered
-# gr[ae]y.?hat
-# gr[ae]y.?list
-# \bhe\b
-# \bshe\b
-# \bhim\b
-# \bher\b
-# \bhis\b
-# \bhers\b
-# man.?in.?the.?middle
 master
-# \bmitm(\b|\d)
 \bnative
-# \bred.?line
-# rtfm
-# \b(in)?sane(\b|\d)
-sanity
 slave
-# white.?glove
-# white.?hat
-# white.?label
 white.?list
-\bwtf