[8.x] [8.17.1] Confidential Computing Elastic native system call filters

I am looking into securing and guarding Elastic search with Intel SGX hardware and a middleware called Gramine which are utilized as an libos. End goal are to protect Elastic against attackers that might do memory dumps, steal complete environments etc. This can be done utilizing SGX and Remote attestations.

I am blocked by Elastics system call filters, which tries to register filters not implemented in Gramine. I could mock responses so Elastic would think everything was ok and procced, but it feels wrong.

In elastic 8.x, system call filter configuration was removed as an possibility. I'd very much like that option reintroduced as it was in elastic 7.x

I am hoping that core dev team sees this.

-regards Nino