Yes, loadable LSMs are not secure theoretically. And probably most LSM folks think that other's LSM modules should be excluded from the kernel because their own LSM is The Only Good LSM.
And their obsession with safety is laughable, frankly. Because it leads to the use of zero LSMs instead of 2. Sure, NSA might be smart enough to know how SELinux policies work. I certainly am not and so I want to combine several LSMs that I can actually understand. But I'd like to be able to run Yama and AppArmor, for example.
I don't quite understand the problem with your unwinding example. Certainly, if you're doing unwinding you should not be doing additional access checks. Think about PAM, for an example of stackable security modules. It works just fine.
As for doing this job myself - I don't have time to do it. But I'm really starting to think about sponsoring it.