This packages that packages that are distributed with the official release or these packages were introduced using the Kremlin SORM system
for example mts_cdma modem. I have no MTS CDMA modem.
I’m not a security specialist, but as a programmer I’m sure that these lines raise the virtual driver of such a modem, which works without the knowledge and permission of the owner, that is, these are traces of hacking

run qmicli operation

qmicli --device-open-proxy --device=“/dev/$CDC_WDM_PORT” --dms-set-fcc-authentication

exit $?

Snapshot_2024-04-05_20-42-241366×768 77.1 KB

Can you elaborate on what seems suspicious in particular?

Note: I have deleted your second post as it seems completely off-topic. Please keep your questions to things related to Fedora.

1. I have no CDMA modem. Anything. No MTS, no Wireless Foxconn, but why i have unlock available device?
   
   

   AvailModems718×718 100 KB

… devices which can connect to Internet via virtual device and for example Vodafone providers

This is normal. The ModemManager package is pulled in by NetworkManager by default, and includes support for a wide range of hardware.

no, this is not normal, bcs I’m don’t have any Foxconn, MTS_CDMA devices, and this virtual device must not pulled in Network Manager.

It does not matter what devices are on your system. Those files are part of the Fedora Linux defaults. They are harmless, and won’t do anything unless you do add the relevant hardware, in which case they will serve to make that hardware work.

You will find them on most other Linux systems as well, for the same reason.

Really? MTS_CDMA modem is a part of Fedora? And it’s normal when creates a virtual devices?

if you say that working of unknown virtual devices on the computer is normal, then I’m definitely need to remove drivers of this device. I’m in healthy mind and memory to understand which devices are on the computer and which are not.
gzip -9 /usr/lib/udev/rules.d/77-mm-foxconn-port-types.rules
gzip -9 /usr/lib64/ModemManager/libmm-plugin-foxconn.so
gzip -9 /usr/lib64/ModemManager/libmm-shared-foxconn.so
gzip -9 /usr/lib64/ModemManage/*

If you want to get rid of these drivers once and for all, and save a few ms at boot time, run these two commands as root:

stop ModemManager
disable ModemManager

This will make it impossible for them to be loaded at boot, even if NetworkManager tries to bring them in.

Well

systemctl stop ModemManager
systemctl disable ModemManager

but delete drivers is most reliably

Correction: if you really want to be sure, add this:

systemctl mask ModemManager

That makes it completely impossible for them to be dragged in.
Yes, you can delete the drivers, but the next time ModemManager gets updated, I think they’ll be dragged back in. I’m not sure, but masking ModemManager is quicker and safer.

Actually, I need to correct myself. The particular file /usr/lib/firmware/mts_cdma.fw.xz is part of the linux-firmware package. You can discover this using the rpm command:

rpm --query --file /usr/lib/firmware/mts_cdma.fw.x

and verify that is unchanged from the packaged version with a different rpm command:

rpm --verify --file /usr/lib/firmware/mts_cdma.fw.xz

The second command should return to the prompt without printing anything. If a file in that package was changed, you will instead see a line with a code indicating whether the file times, size, checksum, or other metadata is different.

Official packages build by Fedora are signed with our GPG key, using a hardware-based signing system. You can trace the path back through our build system and package sources, if you like. You’ll find that it comes from the official Linux kernel firmware package, which has a home at kernel/git/firmware/linux-firmware.git - Repository of firmware blobs for use with the Linux kernel.

From there, you can see that the file was added in 2009 by Chris Adams, and signed off on by at-the-time core kernel developer Alan Cox and also by Linus Torvalds.

Now… this is a non-open-source binary blob. But, as per Fedora policy, the only firmware we distribute in this way is that which loads into the device itself — it doesn’t run on your CPU. If there’s no corresponding hardware to do anything with, there’s literally no where for it to go or nothing for it to do.

As for removing files from your system: the software in Fedora Linux is generally quite interconnected. You can disable things from loading, but removing them may break unexpected things. (Also, if you make changes outside the package management system, deleted files will be put back into place when you do a system update.)

If you want a truly minimal system that just has exactly what you need for your hardware, Fedora Linux may not be the OS for you. You can get a lot more customization with Gentoo, but even that is likely to include some support for hardware you don’t have. For that, you really need to build your own. You might try https://www.linuxfromscratch.org/.

No I’m finding most safety OS
And I’m think, sttyNN shell’s which burn by s8250 and other drivers and virtual devices is not safety

STTY884×169 26 KB

and, no.
dracut -o {kernel modules} is not working
maybe bcs dracut script’s contain some sh scripts like this
if hostonly=“” dracut_instmods --silent -s “drm_crtc_init|drm_dev_register|drm_encoder_init” -S “iw_handler_get_spy” $(< “$i”); then
if strstr “$(modinfo -F filename $(< “$i”) 2> /dev/null)” radeon.ko; then
hostonly=‘’ instmods amdkfd
fi
fi

Right, so… this isn’t Fedora. Safety and security are important to us, but removing all possible support for hardware is not part of our approach. If there is something that is particularly dangerous, we might not enable it by default. But in general, we want people’s hardware to work.

I believe (without double-checking) that the presence of /bus/platform/devices/serial8250 under /sys means that the kernel has detected that your system has hardware that presents itself to the OS as an 8250 UART. That’s… perfectly normal.

As I said, you could make a distribution that only supports exactly what you want, but no mainstream “off-the-shelf” Linux distro is going to do that.

These ports aren’t attached to anything, right? What is your particular concern?

I think we should stop talking about nothing. What is preferable for you - security or support of the Russian company MTS. I understand, that you give preference to the Russian MTS campaign.
Thanks for lost u time.
I’m preffer reading manuals…

I have no idea what you are talking about, but you’re proposing a false dichotomy.

We care about security, but I don’t understand the threat model in which the things you are asking about are of any significant concern.

I’m closing this topic since the solution has been indicated by the Original Poster, and I feel there is nothing positive for the community to further discuss here.