[$] Task-level io_uring restrictions

The io_uring
subsystem is more than an asynchronous I/O interface for Linux; it is,
for all practical purposes, an independent system-call API. It has enabled
high-performance applications, but it also brings challenges for code built
around classic, Unix-style system calls. For example, the seccomp()
sandboxing mechanism does not work with it, causing applications using
seccomp() to disable io_uring outright. Io_uring maintainer Jens
Axboe is seeking to improve that situation with a rapidly evolving patch
series adding a new restrictive mechanism to that subsystem.