Re: storing an explicit nonce

From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Andres Freund <andres(at)anarazel(dot)de>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Antonin Houska <ah(at)cybertec(dot)at>, Ants Aasma <ants(at)cybertec(dot)at>, Sasasu <i(at)sasa(dot)su>
Subject: Re: storing an explicit nonce
Date: 2021-10-07 17:09:44
Message-ID: 20211007170944.GG5475@momjian.us
Lists: pgsql-hackers

On Thu, Oct 7, 2021 at 12:56:22PM -0400, Bruce Momjian wrote:
> On Thu, Oct 7, 2021 at 12:32:16PM -0400, Robert Haas wrote:
> > On Thu, Oct 7, 2021 at 12:26 PM Andres Freund <andres(at)anarazel(dot)de> wrote:
> > > We rely on it today, e.g. for the control file.
> >
> > I think that's the only place, though. We can't rely on it for data
> > files because base backups don't go through shared buffers, so reads
> > and writes can get torn in memory and not just on sector boundaries.
>
> Uh, do backups get torn and later used?

Are you saying a base backup could read a page from the file system and
see a partial write, even though the write is written as 8k? I had not
thought about that.

I think this whole discussion is about whether we need full page images
for hint bit changes. I think we do if we use the LSN for the nonce (in
the old patch), and probably need it for hint bit changes when using
block cipher modes (XTS) if we feel basebackup could read only part of a
16-byte page change.

--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com

If only the physical world exists, free will is an illusion.
