Re: Kernel device for iwlwifi in 13.3?

On Wed, Jun 12, 2024, 11:47 AM Roger Marquis <marquis@roble.com> wrote:

> >> Also wondering why there is no iwl* in /usr/src/sys/amd64/conf/* and
> >> what, if anything,
> >
> > Because it is a non-essential driver to boot and so we only build it as
> > a module which is a continuation of that people once started in order to
> > get GENERIC size down.  The module will be loaded at run-time
> > automatically (in a default setup) if such a card is found in the system
> > and the driver will then automatically load its firmware (which will
> > hopefully eventually also not be in base anymore).
>
> That's the threat vector I'd like to avoid i.e, someone plugging-in a
> usb (or other) wifi device.  I suppose it's not necessarily different
> than plugging-in an ethernet device but as a general rule all vectors
> that can be avoided should be.  This, and kernel compilation in general,
> is one of the areas FreeBSD has an advantage over other OS.  Not being
> able to prevent these and other kernel modules is just unnecessary
> risk.
>

You can list exactly the modules to build to control that threat. See
MODULES_OVERRIDE=

Warner

>