memfd_secret() in 5.14
Posted Aug 10, 2021 8:53 UTC (Tue) by NYKevin (subscriber, #129325)
In reply to: memfd_secret() in 5.14 by jhoblitt
Parent article: memfd_secret() in 5.14
Well... I don't know about that. You have to have arbitrary kernelspace code execution, which is supposed to be impossible even for root (assuming, for the sake of argument, that the kernel has been locked down and won't load arbitrary modules). If that is "relatively easy," then it means you have found a serious security vulnerability, regardless of whether memfd_secret() is in use or not, and regardless of whether the attacker is root or not.
In particular, this syscall defends against "simple" buffer overreads where the kernel is tricked into copying a bunch of random kernel-visible memory into an attacker-visible buffer, but without arbitrary code execution. That is also supposed to be impossible, of course, but constructing an overread attack is probably easier than constructing an ACE attack. In this sense, then, it can be thought of as a form of defense in depth, where we try to make attacks more difficult to construct, rather than trying to provide absolute guarantees of security.
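The defence-in-depth point above, as an added example that is not part of NYKevin's comment, the LWN article, or the kernel's own code: a small C program that allocates a buffer with memfd_secret(), shows it behaves as ordinary memory from user space, and confirms the kernel will not copy the contents out through read() on the descriptor (the secretmem file has no read/write handlers, so a copy_to_user()-style path never touches the pages). Assumptions: the fallback syscall number 447 (x86_64 and the generic syscall table) is used only when the libc headers lack SYS_memfd_secret; the key material is a constructed sample string; the function and struct names are this example's own. On a 5.14 kernel the feature also has to be turned on with the secretmem.enable boot parameter, so the code treats ENOSYS, EPERM and ENOMEM as "unavailable" rather than as a bug.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef SYS_memfd_secret
/* Assumption: build host is x86_64 or an arch using the generic table,
 * where memfd_secret is syscall 447; older headers lack the macro. */
#define SYS_memfd_secret 447
#endif

struct secret_buf {
    void  *ptr;
    size_t len;
    int    fd;
};

/* Create a secret memfd of `len` bytes and map it. Returns 0 on success,
 * -1 with errno set: ENOSYS when the kernel has no secretmem (or it is
 * disabled), ENOMEM/EPERM when the locked-memory budget is exhausted. */
int secret_buf_create(struct secret_buf *sb, size_t len)
{
    int fd = (int)syscall(SYS_memfd_secret, FD_CLOEXEC); /* only flag allowed */
    if (fd < 0)
        return -1;
    /* The file starts at size 0 and may be sized exactly once. */
    if (ftruncate(fd, (off_t)len) < 0) {
        int e = errno; close(fd); errno = e; return -1;
    }
    /* secretmem requires MAP_SHARED; the kernel marks the VMA locked, so the
     * pages are never swapped and are dropped from the direct map. */
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    if (p == MAP_FAILED) {
        int e = errno; close(fd); errno = e; return -1;
    }
    sb->ptr = p; sb->len = len; sb->fd = fd;
    return 0;
}

/* Clear through a volatile pointer so the compiler cannot elide the wipe
 * just because munmap() follows. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

void secret_buf_destroy(struct secret_buf *sb)
{
    wipe(sb->ptr, sb->len);
    munmap(sb->ptr, sb->len);
    close(sb->fd);
    sb->ptr = NULL; sb->len = 0; sb->fd = -1;
}

/* The secretmem file has no read handler, so even code holding the fd
 * gets EINVAL instead of a copy of the bytes. Returns 1 if the kernel
 * refused the read as expected, 0 otherwise. */
int secret_fd_refuses_read(int fd)
{
    char scratch[16];
    ssize_t n = read(fd, scratch, sizeof scratch);
    return n < 0 && errno == EINVAL;
}

/* Round trip: returns 1 if the secret area works and refuses read(),
 * 0 if the feature is unavailable on this kernel, -1 on unexpected failure. */
int demo(void)
{
    struct secret_buf sb;
    if (secret_buf_create(&sb, 4096) < 0) {
        if (errno == ENOSYS || errno == ENOMEM || errno == EPERM || errno == EINVAL)
            return 0; /* old kernel, CONFIG_SECRETMEM off, or secretmem.enable unset */
        return -1;
    }
    const char key[] = "constructed-sample-key-material"; /* constructed, not real */
    memcpy(sb.ptr, key, sizeof key);
    int ok = memcmp(sb.ptr, key, sizeof key) == 0 && secret_fd_refuses_read(sb.fd);
    secret_buf_destroy(&sb);
    return ok ? 1 : -1;
}

int main(void)
{
    int r = demo();
    if (r == 1)
        puts("secretmem: buffer usable from user space, read() on fd refused (EINVAL)");
    else if (r == 0)
        puts("secretmem: not available on this kernel/configuration");
    else
        puts("secretmem: unexpected failure");
    return r < 0;
}
```

Run it as an unprivileged user: the syscall needs no capability, only a few kilobytes of RLIMIT_MEMLOCK. The behaviour worth noting for threat modelling is what the program cannot demonstrate from user space: once mapped, the page is gone from the kernel's linear mapping, so the "simple" overread the comment describes, which walks kernel-visible memory into a user buffer, has nothing to find at that address, while a full kernel code-execution primitive could still re-map it.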
