On Fri, Jun 06, 2025 at 08:41:20AM -0700, Jacob Champion wrote:
> I guess I'd be concerned that a hardware crypto provider might need
> good-faith cleanup to work well. I understand they can't rely on
> atexit in general, but there would be a big difference between "you
> might have to clean up after a crash" and "every single connection
> litters the hardware with unused stuff".
I'd expect all subsystems to recover cleanly from unclean shutdowns. I
know, that's a lot to expect, but nowadays pretty much all filesystems
used in production do, for example.
> But that's pure FUD and guesswork; I have no examples to point to, so
> there might not be any providers that need that.
I doubt that PG w/ OpenSSL in any configuration maintains stateful
interactions with HW cryptographic providers.
