From 4e18b11d70c76c0b15e2567e0f1ac1b442cae8aa Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Tue, 4 Oct 2022 15:34:21 +0200
Subject: executor: enable core dumps

Core dumping known to have bugs. Just few recent kernel commits:
  [brown paperbag] fix coredump breakage
  [coredump] don't use __kernel_write() on kmap_local_page()
We also also found some info leaks in core dumps before.
No reason to not test them.
---
 executor/common_linux.h  | 3 ++-
 pkg/csource/generated.go | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/executor/common_linux.h b/executor/common_linux.h
index e5587d1c7..39a687e36 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -3842,7 +3842,8 @@ static void sandbox_common()
 	setrlimit(RLIMIT_FSIZE, &rlim);
 	rlim.rlim_cur = rlim.rlim_max = 1 << 20;
 	setrlimit(RLIMIT_STACK, &rlim);
-	rlim.rlim_cur = rlim.rlim_max = 0;
+	// Note: core size is also restricted by RLIMIT_FSIZE.
+	rlim.rlim_cur = rlim.rlim_max = 128 << 20;
 	setrlimit(RLIMIT_CORE, &rlim);
 	rlim.rlim_cur = rlim.rlim_max = 256; // see kMaxFd
 	setrlimit(RLIMIT_NOFILE, &rlim);
diff --git a/pkg/csource/generated.go b/pkg/csource/generated.go
index 60f94fd30..2e213795a 100644
--- a/pkg/csource/generated.go
+++ b/pkg/csource/generated.go
@@ -8499,7 +8499,7 @@ static void sandbox_common()
 	setrlimit(RLIMIT_FSIZE, &rlim);
 	rlim.rlim_cur = rlim.rlim_max = 1 << 20;
 	setrlimit(RLIMIT_STACK, &rlim);
-	rlim.rlim_cur = rlim.rlim_max = 0;
+	rlim.rlim_cur = rlim.rlim_max = 128 << 20;
 	setrlimit(RLIMIT_CORE, &rlim);
 	rlim.rlim_cur = rlim.rlim_max = 256;
 	setrlimit(RLIMIT_NOFILE, &rlim);
-- 
cgit mrf-deployment