Re: False positives in nolibc check

[Ammar Faizi <ammarfaizi2@gnuweeb.org>]

On Wed, Jun 21, 2023 at 12:04:47PM +0200, Stefan Hajnoczi wrote:
> I don't know which features require the toolchain and libc to cooperate.
> I guess Thread Local Storage won't work and helper functions that
> compilers emit (like the memset example that Alviro gave).

Yeah, thread local storage won't work. But the point of my question is
about liburing. So I expect the answer that's relevant to liburing.

I mean, you can still use libc and TLS in your app even though the
liburing.so and liburing.a are nolibc.

> Disabling hardening because it requires work to support it in a nolibc
> world seems dubious to me. I don't think it's a good idea for io_uring
> to lower security because that hurts its image and reduces adoption.
> Especially right now, when the security of io_uring is being scrutinized
> (https://security.googleblog.com/2023/06/learnings-from-kctf-vrps-42-linux.html).
> 
> While I'm sharing these opinions with you, I understand that some people
> want nolibc and are fine with disabling the stack protector. The main
> thing I would like is for liburing to compile or fail with a clear error
> message instead of breaking somewhere during the build.

Right, my mistake. I think it's fixed in upstream by commit:

   319f4be8bd049055c333185928758d0fb445fc43 ("build: Disable stack protector unconditionally")

Please give it a whirl. I apologize for breaking the Fedora build.

Regards,
-- 
Ammar Faizi