You may find some people that think LSMs are enough but everyone I've spoken to (LSM authors) realize that the LSMs are really only access control models and that other parts of the kernel need to be hardened as well. That being said as someone who worked on SELinux it wasn't my job to harden the kernel. My job was to do research and we used SELinux as a platform. If it got merged upstream all the better. If it was something that someone like Red Hat wanted then I had more help in getting stuff upstream. Spenders main issue is with a community that seems indifferent at best and openly hostile at worse to handling security related issues. Its also that some of his features would not be as palatable with the subsystem maintainers that they would interact with.