From the Hardening Mosys design doc: https://docs.google.com/document/d/1MkBUhp6KURhB2HArB7QYcrMpU8z1PQgknU-hx8c4K2k/edit#heading=h.iroy8cj9ggti

Also expanded more on:
https://docs.google.com/document/d/1SXWWjzd22bvx7gUSmPUzw00S3XoPBiY1gc0OwQX_aBY/edit#bookmark=id.l5xy25itysz5

The exact details are a bit fuzzy (whether this is just SMBIOS or includes VPD) but consensus seems to have emerged around a stable /proc interface and upstreaming.

Once this is implemented, we can explore dropping privileges in the wrapper (track in https://bugs.chromium.org/p/chromium/issues/detail?id=795841) if the command being executed doesn't need root. We can also explore disabling the mosys platform subcommand tree for new platforms.