Re: Unnecessary connection overhead due copy-on-write (mainly openssl)
От | Andres Freund |
---|---|
Тема | Re: Unnecessary connection overhead due copy-on-write (mainly openssl) |
Дата | |
Msg-id | azn7royvxpnzjng65k2tf73gkf7z2e6xwdbgqejzxiuu74huei@nemdrxrdumhd обсуждение исходный текст |
Ответ на | Re: Unnecessary connection overhead due copy-on-write (mainly openssl) (Jacob Champion <jacob.champion@enterprisedb.com>) |
Ответы |
Re: Unnecessary connection overhead due copy-on-write (mainly openssl)
|
Список | pgsql-hackers |
Hi, On 2025-06-06 08:41:20 -0700, Jacob Champion wrote: > On Fri, Jun 6, 2025 at 4:56 AM Peter Eisentraut <peter@eisentraut.org> wrote: > > It seems weird to me that openssl spends so much effort tidying up its > > memory allocations just before exiting. We could just skip that. > > Looking through the code of OPENSSL_cleanup(), there might be one or two > > cases of log or trace files that get flushed during cleanup, so it's not > > an absolute no-brainer to skip all the cleanup. > > I guess I'd be concerned that a hardware crypto provider might need > good-faith cleanup to work well. I understand they can't rely on > atexit in general, but there would be a big difference between "you > might have to clean up after a crash" and "every single connection > litters the hardware with unused stuff". It's not just crashes, e.g. the startup packet timeout is also handled by _exit() - and it can be triggered remotely. ISTM that if crypto providers can't handle _exit(), we have a bigger problem. Alternatively we could try deferring more of openssl's initialization to outside of postmaster - but that doesn't seem particularly realistic. Greetings, Andres Freund
В списке pgsql-hackers по дате отправления: