[Bug 2028810] Re: rsync 3.1.3 performance regression

Launchpad Bug Tracker 2028810 at bugs.launchpad.net
Mon Aug 7 17:35:01 UTC 2023 

** Merge proposal linked:
   https://code.launchpad.net/~lvoytek/ubuntu/+source/rsync/+git/rsync/+merge/448637

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsync in Ubuntu.
https://bugs.launchpad.net/bugs/2028810

Title:
  rsync 3.1.3 performance regression

Status in rsync package in Ubuntu:
  Fix Released
Status in rsync source package in Focal:
  In Progress

Bug description:
  [Impact]

  Recent necessary security fixes to rsync have caused a slow down in
  transfer speeds due to additional authentication. In more recent
  versions of rsync this can be mitigated when the environment is
  trusted with the --trust-sender flag.

  In order to accomidate this use case, the flag should be backported to
  focal too.

  [Test Plan]

  $ lxc launch ubuntu:focal test-rsync-receiver
  $ lxc exec test-rsync-receiver bash
  # apt update && apt dist-upgrade -y
  # apt install openssh-server rsync -y
  # passwd ubuntu
  - set password for user
  # exit

  - Check ip of receiver with lxc list
  $ lxc list

  $ lxc launch ubuntu:focal test-rsync-sender
  $ lxc exec test-rsync-sender bash
  # apt update && apt dist-upgrade -y

  # apt install rsync -y

  - Create a random file to send over
  # dd if=/dev/urandom of=randomfile.bin bs=1M count=1000

  - Send without --trust-sender
  # rsync -av randomfile.bin ubuntu@<receiver ip>:~/file1.bin

  - Send with --trust-sender
  # rsync -av --trust-sender randomfile.bin ubuntu@<receiver ip>:~/file2.bin

  With the fix in place, --trust-sender is a valid argument and the
  transfer is notably faster as reported back by rsync.

  [Where problems could occur]

  Since this change adds a new feature in the form of an input flag,
  problems could occour when using it. This could include issues from
  skipping security checks between the sending and receiving machine.
  Another possible problem would be issues with command line input
  parsing due to the additional valid argument.

  [Other Info]
   
  The --trust-sender option is already available in Jammy and later

  [Original Description]

  OS: Ubuntu 20.04 Focal
  Package: rsync 3.1.3-8ubuntu0.5

  rsync's performance was regressed by ~7x amount after some security
  patch (debian/patches/CVE-2022-29154-*) was applied to the package,
  and introduced a list of filters that iterate on every file being
  transferred. We think that was where the performance regression came
  from.

  A Jammy version of the package (3.2.5) introduced a new flag "--trust-
  sender" that allowed user to avoid the expensive client-side filtering
  introduced by those security patches. After pulling this change
  (https://github.com/WayneD/rsync/commit/cff8f044776c5143a5b270969d4bb0f1fea8b017)
  from rsync ourselves and applied it to the Focal version, the
  performance regression went away.

  The patch we used to backport our Focal rsync is attached in this
  thread. Can you please backport it too?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsync/+bug/2028810/+subscriptions

More information about the foundations-bugs mailing list