From 552040f390602adb966d79b4dc53f90a9bf84b7b Mon Sep 17 00:00:00 2001 From: douglas-raillard-arm Date: Fri, 12 Feb 2021 10:53:33 +0000 Subject: [PATCH] devlib/collector/dmesg: handle CONFIG_SECURITY_DMESG_RESTRICT Some kernels compiled with CONFIG_SECURITY_DMESG_RESTRICT can restrict reading the dmesg buffer to root user as a security hardening measure. Detect this case and use root accordingly. --- devlib/collector/dmesg.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/devlib/collector/dmesg.py b/devlib/collector/dmesg.py index 8b25f5d..4de40b2 100644 --- a/devlib/collector/dmesg.py +++ b/devlib/collector/dmesg.py @@ -20,6 +20,7 @@ from datetime import timedelta from devlib.collector import (CollectorBase, CollectorOutput, CollectorOutputEntry) +from devlib.target import KernelConfigTristate class KernelLogEntry(object): @@ -167,6 +168,8 @@ class DmesgCollector(CollectorBase): self.basic_dmesg = '--force-prefix' not in \ self.target.execute('dmesg -h', check_exit_code=False) self.facility = facility + self.needs_root = bool(target.config.typed_config.get( + 'CONFIG_SECURITY_DMESG_RESTRICT', KernelConfigTristate.NO)) self.reset() @property @@ -178,7 +181,7 @@ class DmesgCollector(CollectorBase): def start(self): self.reset() - # Empty the dmesg ring buffer + # Empty the dmesg ring buffer. This requires root in all cases self.target.execute('dmesg -c', as_root=True) def stop(self): @@ -195,7 +198,7 @@ class DmesgCollector(CollectorBase): facility=self.facility, ) - self.dmesg_out = self.target.execute(cmd) + self.dmesg_out = self.target.execute(cmd, as_root=self.needs_root) def set_output(self, output_path): self.output_path = output_path