Using Go 1.24 increases `glibc` base requirement

[rickystewart]

After attempting to upgrade to Go 1.24 from Go 1.23, we find that running the FIPS toolchain on our CI machines fails with the error:

external/go_sdk_fips/bin/go: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.32' not found (required by external/go_sdk_fips/bin/go)
external/go_sdk_fips/bin/go: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.34' not found (required by external/go_sdk_fips/bin/go)

Builds using golang-fips on older Go versions (i.e. using a golang-fips version prior to 5930e864b18b8fcf77d4f85d4e74568f8e910289) does not produce this error. This seems to only kick in when using a golang-fips after 5930e864b18b8fcf77d4f85d4e74568f8e910289 to build Go 1.24 or later.

The dependency on a higher version of glibc doesn't seem to be documented in this repo and is apparently not a requirement from upstream, as building Go 1.24 as normal does result in a binary with these elevated glibc requirements.

I have the following questions:

• Is the dependency on GLIBC_2.34 required/intentional? Can it be relaxed somehow? Is it due to the use of some particular syscall(s) introduced in newer versions?
• If it is intentional, can it be documented?

[rickystewart]

This might be a user error on our part related the use of CGO_ENABLED here. I'm going to pre-emptively close this and will re-open if there are any further developments. Sorry for the noise!