On Fri, Jun 6, 2025 at 1:18 PM Nico Williams wrote:
> However no one will be using a discrete or firmware TPM for TLS server
> certificate private key usage: discrete TPMs are way way too slow for
> that, and firmware TPMs are... also way too slow. You wouldn't bother
> with a software TPM for th
On Fri, Jun 06, 2025 at 11:58:38AM -0700, Jacob Champion wrote:
> > I'd expect all subsystems to recover cleanly from unclean shutdowns. I
> > know, that's a lot to expect, but nowadays pretty much all filesystems
> > used in production do, for example.
>
> I guess, but if we stop cleaning up ent
On Fri, Jun 6, 2025 at 9:37 AM Andres Freund wrote:
> It's not just crashes, e.g. the startup packet timeout is also handled by
> _exit() - and it can be triggered remotely.
Fair point...
> ISTM that if crypto providers
> can't handle _exit(), we have a bigger problem.
...so I guess I need to f
On Fri, Jun 6, 2025 at 9:25 AM Nico Williams wrote:
> I'd expect all subsystems to recover cleanly from unclean shutdowns. I
> know, that's a lot to expect, but nowadays pretty much all filesystems
> used in production do, for example.
I guess, but if we stop cleaning up entirely, we will sudden
Hi,
On 2025-06-06 08:41:20 -0700, Jacob Champion wrote:
> On Fri, Jun 6, 2025 at 4:56 AM Peter Eisentraut wrote:
> > It seems weird to me that openssl spends so much effort tidying up its
> > memory allocations just before exiting. We could just skip that.
> > Looking through the code of OPENSSL
On Fri, Jun 06, 2025 at 08:41:20AM -0700, Jacob Champion wrote:
> I guess I'd be concerned that a hardware crypto provider might need
> good-faith cleanup to work well. I understand they can't rely on
> atexit in general, but there would be a big difference between "you
> might have to clean up aft
Re: Jacob Champion
> I guess I'd be concerned that a hardware crypto provider might need
> good-faith cleanup to work well.
Hopefully not in every single backend.
Christoph
On Fri, Jun 6, 2025 at 4:56 AM Peter Eisentraut wrote:
> It seems weird to me that openssl spends so much effort tidying up its
> memory allocations just before exiting. We could just skip that.
> Looking through the code of OPENSSL_cleanup(), there might be one or two
> cases of log or trace fil
On Thu, Jun 5, 2025 at 3:58 PM Andres Freund wrote:
> There are a few related issues where we ourselves to blame. The most prominent
> one is that we go around and delete PostmasterContext in child processes. That
> however doesn't really save memory, as the memory is still needed in
> postmaster,
On 05.06.25 21:58, Andres Freund wrote:
The reason for this difference is that by default openssl registers an atexit
handler that frees a lot of memory that was initialized in postmaster. That in
turn triggers page-faults due to the relevant pages now differing in child
processes. Which a) isn't
10 matches
Mail list logo
