[$] Task-level io_uring restrictions

The io_uringsubsystem is more than an asynchronous I/O interface for Linux; it is,for all practical purposes, an independent system-call API. It has enabledhigh-performance applications, but it also brings challenges for code builtaround classic, Unix-style system calls. For example, the seccomp()sandboxing mechanism does not work with it, causing applications usingseccomp() to disable io_uring outright. Io_uring maintainer JensAxboe is seeking to improve that situation with a rapidly evolving patchseries adding a new restrictive mechanism to that subsystem.