So, why don’t we have a separate kernel (a VM really) handling WiFi hardware and perhaps some other network stuff? For a laptop the overhead shouldn’t matter much.

That’s what wifibox does on FreeBSD (though I believe the reason is more for drivers than for isolation): https://github.com/pgj/freebsd-wifibox