On Thu, 28 Oct 2021 at 17:35, Borislav Petkov <bp@xxxxxxxxx> wrote: > Sorry, you need to expand on that: part of what specification? My apologies, I should have linked to the specification. It's called Host Security ID: https://fwupd.github.io/libfwupdplugin/hsi.html > How is this going to be run? HSI tests are run at every boot and logged. HSI is part of Insights (for servers) and is even now part of several large companies' purchasing policies. > Why cannot this be a userspace program, script, tool, whatever? We actually tried this, using the journal API: https://github.com/fwupd/fwupd/pull/2129 It was a hack, and took a really long time to complete on slow embedded hardware. Richard
