On Fri, Jun 6, 2025 at 9:25 AM Nico Williams <n...@cryptonector.com> wrote: > I'd expect all subsystems to recover cleanly from unclean shutdowns. I > know, that's a lot to expect, but nowadays pretty much all filesystems > used in production do, for example.
I guess, but if we stop cleaning up entirely, we will suddenly be stressing those code paths... But maybe that's a community service? :) I realize I'm making an argument from fear and ignorance. Maybe that ecosystem is very healthy. I'm just imagining the following conversation: DBA: we upgraded our server and our HSM is freaking out after a few thousand connections; what gives? us: oh, we stopped cleaning up after ourselves for performance! tell your vendor to fix their drivers! DBA: hahahaha [1] is a description of the kind of problem I'm worried about. (It's not 1:1 applicable to this situation, I just think we might start seeing those sorts of bug reports.) > I doubt that PG w/ OpenSSL in any configuration maintains stateful > interactions with HW cryptographic providers. (Why? From looking over the Cryptoki/PKCS#11 stuff, for example, isn't a lot of that API stateful?) --Jacob [1] https://github.com/OpenSC/libp11/issues/228#issuecomment-402941378
