[Bug 2028810] Re: rsync 3.1.3 performance regression
Ye Lu
2028810 at bugs.launchpad.net
Fri Jul 28 19:35:04 UTC 2023
Hi Lena, thanks for getting back to this and appreciate your effort in putting up the PPA!
I think the major concerns here is that the security patch changed the behavior on how arguments from the remote side were handled. And adding the new flag a) doesn't break any existing usage of the tool, and b) will give users the option to get back the old behavior and performance before we introduced the security path series. What do you think?
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsync in Ubuntu.
https://bugs.launchpad.net/bugs/2028810
Title:
rsync 3.1.3 performance regression
Status in rsync package in Ubuntu:
Fix Released
Status in rsync source package in Focal:
Incomplete
Bug description:
OS: Ubuntu 20.04 Focal
Package: rsync 3.1.3-8ubuntu0.5
rsync's performance was regressed by ~7x amount after some security
patch (debian/patches/CVE-2022-29154-*) was applied to the package,
and introduced a list of filters that iterate on every file being
transferred. We think that was where the performance regression came
from.
A Jammy version of the package (3.2.5) introduced a new flag "--trust-
sender" that allowed user to avoid the expensive client-side filtering
introduced by those security patches. After pulling this change
(https://github.com/WayneD/rsync/commit/cff8f044776c5143a5b270969d4bb0f1fea8b017)
from rsync ourselves and applied it to the Focal version, the
performance regression went away.
The patch we used to backport our Focal rsync is attached in this
thread. Can you please backport it too?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsync/+bug/2028810/+subscriptions
More information about the foundations-bugs
mailing list