Skip to content

sandbox: do not reset RLIMIT_CORE when dumpable #5676

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 21, 2025
Merged

sandbox: do not reset RLIMIT_CORE when dumpable #5676

merged 1 commit into from
Jul 21, 2025

Conversation

alpeng-jump
Copy link
Contributor

@alpeng-jump alpeng-jump commented Jul 16, 2025
edited
Loading

No description provided.

@mmcgee-jump
Copy link
Contributor

Why is this needed? IIRC we haven't had issues with making core dumps without these changes?

mmcgee-jump
mmcgee-jump reviewed Jul 16, 2025
View reviewed changes
mmcgee-jump
mmcgee-jump reviewed Jul 16, 2025
View reviewed changes
@alpeng-jump alpeng-jump force-pushed the alpeng/sandbox-rlimit branch from f007352 to 6bb8ec1 Compare July 17, 2025 14:01
@alpeng-jump alpeng-jump changed the title sandbox: do not reset RLIMIT_CORE and clone pid ns when dumpable sandbox: do not reset RLIMIT_CORE when dumpable Jul 17, 2025
@alpeng-jump
Copy link
Contributor Author

Reverting CLONE_NEWPID for tiles since having them run as init is fine for core dumps - https://elixir.bootlin.com/linux/v6.11/source/kernel/signal.c#L1351. We do need to leave the rlimit though. More observations explained in slack.

@alpeng-jump alpeng-jump force-pushed the alpeng/sandbox-rlimit branch from 6bb8ec1 to f9336b7 Compare July 17, 2025 14:13
@alpeng-jump alpeng-jump enabled auto-merge July 17, 2025 16:21
@alpeng-jump alpeng-jump requested a review from mmcgee-jump July 18, 2025 04:17
mmcgee-jump
mmcgee-jump reviewed Jul 18, 2025
View reviewed changes
mmcgee-jump
mmcgee-jump reviewed Jul 18, 2025
View reviewed changes
mmcgee-jump
mmcgee-jump requested changes Jul 18, 2025
View reviewed changes
Copy link
Contributor

@mmcgee-jump mmcgee-jump left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just some nits, but strict about sandbox code

@alpeng-jump alpeng-jump force-pushed the alpeng/sandbox-rlimit branch from f9336b7 to dbd042d Compare July 21, 2025 18:44
@alpeng-jump alpeng-jump requested a review from mmcgee-jump July 21, 2025 18:52
@alpeng-jump alpeng-jump added this pull request to the merge queue Jul 21, 2025
Merged via the queue into main with commit 4095b13 Jul 21, 2025
9 checks passed
@alpeng-jump alpeng-jump deleted the alpeng/sandbox-rlimit branch July 21, 2025 19:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mmcgee-jump mmcgee-jump mmcgee-jump approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@alpeng-jump @mmcgee-jump