I think that rename can help a little bit. At least on some FS it is atomic operation.
Writing a single sector ought to be atomic too. I'm very skeptical that it'll be an improvement to just move the risk from one filesystem operation to another; especially not to one where there's not even a terribly portable way to request fsync.
regards, tom lane
pg_control is 8k long(i think it is legth of one page in default PG compile settings). I also think that 8k recording can be atomic. Even if recording of one sector is atomic nobody can say about what sector from 8k record of pg_control should be written first. It can be last sector or say sector number 10 from 16.
The actual data written is always sizeof(ControlFileData) which should be less than one sector. I think it is only possible that we get a torn write for pg_control, if while writing + fsyncing, the filesystem maps that data to different sectors.