Thread: 24 messages, 7 authors, 2024-02-26

Re: Chromium sandbox on LoongArch and statx -- seccomp deep argument inspection again?

From: Xi Ruoyao <xry111@xry111.site>
Date: 2024-02-21 06:37:16
Also in: linux-arch, lkml, loongarch

On Wed, 2024-02-21 at 14:09 +0800, WANG Xuerui wrote:
> - just restore fstat and be done with it;
> - add a flag to statx so we can do the equivalent of just fstat(fd,
> &out) with statx, and ensuring an error happens if path is not empty in
> that case;

It's worse than "just restore fstat" considering the performance.  Read
this thread:
https://sourceware.org/pipermail/libc-alpha/2023-September/151320.html

> - tackle the long-standing problem of seccomp deep argument inspection (!).

Frankly I'm never a fan of syscall blocklisting.  When I develop the
Online Judge system for the programming contest training in Xidian
University I deliberately avoid using seccomp.  This thing is very
likely to break innocent programs with some system change innocent as
well (for example Glibc or libstdc++ update).

-- 
Xi Ruoyao [off-list ref]
School of Aerospace Science and Technology, Xidian University
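
The limitation behind the quoted statx options, as an added example that is not part of the original message: with dirfd, flags and mask held constant, only the path pointer decides whether statx behaves like fstat(fd, &out) or resolves a path, and a seccomp filter sees that pointer only as a number. The helper names, the pipe descriptor and the "/" path are choices made for this illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <linux/stat.h>          /* struct statx, STATX_TYPE */

#ifndef AT_EMPTY_PATH
#define AT_EMPTY_PATH 0x1000     /* value from <linux/fcntl.h> */
#endif

/* File type reported by fstat(fd), or -1 on error. */
int fstat_type(int fd)
{
    struct stat st;
    return fstat(fd, &st) == 0 ? (int)(st.st_mode & S_IFMT) : -1;
}

/* File type reported by a raw statx syscall. dirfd, flags and mask are fixed,
 * so the only argument that differs between calls is the path pointer. A
 * seccomp BPF filter gets that pointer as an integer and cannot read the
 * string behind it. */
int statx_type(int dirfd, const char *path)
{
    struct statx sx;
    long r = syscall(SYS_statx, dirfd, path, AT_EMPTY_PATH, STATX_TYPE, &sx);
    return r == 0 ? (int)(sx.stx_mode & S_IFMT) : -1;
}

int main(void)
{
    int p[2];
    if (pipe(p) != 0)
        return 1;
    /* Empty path: statx describes the descriptor itself, like fstat. */
    printf("fstat(fd)      : %s\n", fstat_type(p[0]) == S_IFIFO ? "FIFO" : "other");
    printf("statx(fd, \"\")  : %s\n", statx_type(p[0], "") == S_IFIFO ? "FIFO" : "other");
    /* Non-empty absolute path: same scalar arguments, but "/" is resolved. */
    printf("statx(fd, \"/\") : %s\n", statx_type(p[0], "/") == S_IFDIR ? "directory" : "other");
    return 0;
}
```

A filter that allows statx whenever AT_EMPTY_PATH is set therefore permits both calls, which is why the quoted proposal needs the kernel itself to return an error for a non-empty path.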