On Friday 07 March 2003 11:55 am, Damien Tougas wrote:
> Is there any advantage/disadvantage to using kernel moduls vs. staticly
> linking stuff in the kernel? I would like to eliminate everything from my
> kernel config that can be loaded as a module, then load them at boot using
> loader.conf. 

Should be possible for a lot of things.  Though it seems many need to stay in 
the kernel, as it is currently written.  kld(4) and the pages it refers to 
should be at least somewhat instructive in figuring out what all can be put 
in a module.  
Try reading the developers handbook, it has some of what you're looking for.

> Is there any reason I would not want to do that? It seems to
> me that it would make things much easier.
> Why does FreeBSD not do this by default for the GENERIC kernel?

Only things I can think of as to why most things are compiled in are 
1) the costs of running a module, instead of compiled in.  I don't know how to 
quantify those.  And I didn't see anything in the developer's handbook to 
answer that.  Maybe checking there more carefully would yield some answers.
2) security.  In theory for max security you should minimize the interfaces to 
the kernel.  Any loadable module could be a trojan, packet filter, or 
compromise security in another way.  So optimal security would be have every 
needed component compiled in, and turn off the ability to load any modules.  
I have no idea if this can be done or how in FreeBSD.  kld manpage didn't 
seem to say anything about this.  Keep in mind this is extreme security which 
isn't terribly important till you get the practical stuff taken care of 
Here is the (in)famous article on it:

        You may want to check the -hackers mailing list archives, as this has been 
discussed there. If this is really important for you to figure out, after 
reading the archives, ask there.


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to