Patch by Sean Dooher! I'll be addressing the review comments.
The point is to mark up a section of code (a set of functions) that should be isolated for security, basically like a TCB. Such a section of code, being privileged in some specific manner, would not be allowed to exercise arbitrary behavior, so calling a function that's outside the set from a function that's inside the set is not allowed; they can only call each other. This is ultimately supposed to achieve security of the system with respect to that privilege through audit of the TCB.
The patch adds an attribute enforce_tcb to define a TCB and a warning -Wtcb-enforcement for violating the enforcement. Additionally, it adds an attribute enforce_tcb_leaf that allows opting out of enforcement for individual harmless functions: such "leaf" functions are allowed to be called from the respective TCB but aren't forced into the TCB themselves.
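
A small use of the two attributes described above, as an added example that is not part of the patch or its description. The TCB name "pin", every function name and the DEMO_VIOLATION switch are constructed for illustration, and the macros expand to nothing on compilers that lack the attributes.

```c
/* Added example; all names here are constructed, not taken from the patch. */
#include <stddef.h>

#if defined(__has_attribute)
#  if __has_attribute(enforce_tcb)
#    define TCB(name)      __attribute__((enforce_tcb(name)))
#    define TCB_LEAF(name) __attribute__((enforce_tcb_leaf(name)))
#  endif
#endif
#ifndef TCB                 /* compiler without the attributes: no enforcement */
#  define TCB(name)
#  define TCB_LEAF(name)
#endif

static unsigned audit_events;   /* bumped by the leaf function */

/* Outside the TCB: arbitrary behaviour that the TCB audit does not cover. */
int untrusted_report(int code) { return code + 1000; }

/* Leaf: may be called from the "pin" TCB, but is not forced into it. */
TCB_LEAF("pin") void audit_note(void) { audit_events++; }

/* Member of the "pin" TCB; calls nothing, so nothing to enforce here. */
TCB("pin") int pin_equal(const unsigned char *a, const unsigned char *b, size_t n)
{
    unsigned char diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);   /* no early exit on mismatch */
    return diff == 0;
}

/* Member of the "pin" TCB: calls pin_equal (same TCB) and audit_note (leaf). */
TCB("pin") int pin_check(const unsigned char *entered,
                         const unsigned char *stored, size_t n)
{
    int ok = pin_equal(entered, stored, n);
    audit_note();
#ifdef DEMO_VIOLATION
    untrusted_report(ok);   /* outside the set: -Wtcb-enforcement reports this call */
#endif
    return ok;
}

unsigned audit_count(void) { return audit_events; }
```

Building with -DDEMO_VIOLATION on a compiler that has the attributes makes the call to untrusted_report the one diagnosed call; the calls to pin_equal and audit_note are accepted.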