[Bug 2028810] Re: rsync 3.1.3 performance regression

Chris Halse Rogers 2028810 at bugs.launchpad.net
Wed Aug 23 03:33:28 UTC 2023 

Hello Ye, or anyone else affected,

Accepted rsync into focal-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/rsync/3.1.3-8ubuntu0.6
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: rsync (Ubuntu Focal)
       Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsync in Ubuntu.
https://bugs.launchpad.net/bugs/2028810

Title:
  rsync 3.1.3 performance regression

Status in rsync package in Ubuntu:
  Fix Released
Status in rsync source package in Focal:
  Fix Committed

Bug description:
  [Impact]

  Recent necessary security fixes to rsync have caused a slow down in
  transfer speeds due to additional authentication. In more recent
  versions of rsync this can be mitigated when the environment is
  trusted with the --trust-sender flag.

  In order to accomidate this use case, the flag should be backported to
  focal too.

  [Test Plan]

  $ lxc launch ubuntu:focal test-rsync-receiver
  $ lxc exec test-rsync-receiver bash
  # apt update && apt dist-upgrade -y
  # apt install openssh-server rsync -y
  # passwd ubuntu
  - set password for user
  # exit

  - Check ip of receiver with lxc list
  $ lxc list

  $ lxc launch ubuntu:focal test-rsync-sender
  $ lxc exec test-rsync-sender bash
  # apt update && apt dist-upgrade -y

  # apt install rsync -y

  - Create a random file to send over
  # dd if=/dev/urandom of=randomfile.bin bs=1M count=1000

  - Send without --trust-sender
  # rsync -av randomfile.bin ubuntu@<receiver ip>:~/file1.bin

  - Send with --trust-sender
  # rsync -av --trust-sender randomfile.bin ubuntu@<receiver ip>:~/file2.bin

  With the fix in place, --trust-sender is a valid argument and the
  transfer is notably faster as reported back by rsync.

  [Where problems could occur]

  Since this change adds a new feature in the form of an input flag,
  problems could occour when using it. This could include issues from
  skipping security checks between the sending and receiving machine.
  Another possible problem would be issues with command line input
  parsing due to the additional valid argument.

  [Other Info]
   
  The --trust-sender option is already available in Jammy and later

  [Original Description]

  OS: Ubuntu 20.04 Focal
  Package: rsync 3.1.3-8ubuntu0.5

  rsync's performance was regressed by ~7x amount after some security
  patch (debian/patches/CVE-2022-29154-*) was applied to the package,
  and introduced a list of filters that iterate on every file being
  transferred. We think that was where the performance regression came
  from.

  A Jammy version of the package (3.2.5) introduced a new flag "--trust-
  sender" that allowed user to avoid the expensive client-side filtering
  introduced by those security patches. After pulling this change
  (https://github.com/WayneD/rsync/commit/cff8f044776c5143a5b270969d4bb0f1fea8b017)
  from rsync ourselves and applied it to the Focal version, the
  performance regression went away.

  The patch we used to backport our Focal rsync is attached in this
  thread. Can you please backport it too?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsync/+bug/2028810/+subscriptions

More information about the foundations-bugs mailing list