Hypothesis:
At a high security level the use of a tool like kerneld should be impossible in the same as /dev/mem and /dev/kmem access should disappear