Not necessarily. The kernel can run the code in non ring 0, ie in userspace. I can't speak to what is typical, but i imagine you'd get most of your gains by stripping most vulnerable code out of the system outright.