Per an earlier article in this series, https://lwn.net/Articles/812325/, this syscall is meant for protecting against disclosure of secrets via things like speculative execution and cache attacks, by ensuring that the kernel does not have the secret memory mapped at all. It does not protect against other kinds of attacks, like malicious code in the kernel. Thus, it will not keep your memory secret in every possible case; for that, you’d want to use something like Intel SGX (modulo the many vulnerabilities in that technology) which uses a combination of memory encryption and processor features to keep memory secret even from malicious kernels, hypervisors, etc.