I didn't mention Firejail because it's actually build on top of seccomp-bpf and namespaces. It's a user-space application, leveraging existing kernel features, but unless I'm even more confused than I thought (which wouldn't surprise me, tbh), the others I mentioned live in the kernel (though AFAIK AppArmor and SELinux are security module running in kernel space but not part of the kernel itself).
I am completely lost too, and have the feeling that anyone has pros / cons, and no one is really an efficient product to be used in the daily life :/
I used firejail many months and got several issues with maintaining configurations for different softwares, especially after software updates.
Also, those are softwares on top of the kernel I think, and not utilities in the kernel directly, but I may be wrong for this.