If you like BoxMatrix then please contribute Supportdata, Supportdata2, Firmware and/or Hardware (get in touch).
My metamonk@yahoo.com is not reachable by me since years. Please use hippie2000@webnmail.de instead.
Property:untrustedd (avmcmd)
BoxMatrix >> Shell-Commands >> untrustedd (avmcmd) | @ BoxMatrix - IRC-Chat - Translate: de es fr it nl pl |
News | Selectors | Models | Accessories | Components | Environment | Config | Commands | System | Webif | Software | Develop | Lexicon | Community | Project | Media |
Startup-Scr | Hotplug-Scr | BusyBox-Cmds | Bash-Cmds | AVM-Cmds | Chipset-Cmds | Linux-Cmds | Shared-Libs | Kernel-Mods | Research |
Name-Collision - multiple objects in this wiki use the name untrustedd!
|
AVM-Command
Command: | untrustedd (avmcmd) - type Exec | Wiki | Freetz | IPPF | whmf | AVM | Web |
Location: | Shell-Commands >> AVM-Commands - Origin: AVM | ||||||
Path: | Release: /usr/bin Lab+Rel: /usr/bin | ||||||
Properties: | Size: 9.5k - 978k - Firmware: 7.08 - 8.00 | ||||||
Function: | ASEC database server daemon. |
Goto: Startup - Logging - Database - Messaging - Config - Source - Dependencies - Model-Matrix - Symbols - SMW-Browser
Details
untrustedd is the ASEC database server daemon, running on the untrusted Linux, which typically runs entire FRITZ!OS.
The optional companion is trustedd, which runs on the trusted Linux instance if one exists.
untrustedd is present in every recent firmware and removing or killing it does not affect any functionality of a box (so far).
It uses libasecutils.so, which is only used by its logdumper asec_dump_logs and by its companion daemon trustedd.
untrustedd does not provide any help function or options. It is a daemon which runs in foreground, so it needs to be detached.
It is a notify type supervisor enhanced daemon, so it expects to be started from untrustedd.service (fw 7.19+)
kill or killall terminate untrustedd gracefully, without any watchdog problems. But the proper way ist to use svctl:
root@fritz:/var/mod/root# svctl start untrustedd [svctl] untrustedd.service, result: success
root@fritz:/var/mod/root# svctl stop untrustedd [svctl] untrustedd.service, result: success
Startup
untrustedd uses libasecutils.so for most operations, so we have function names:
notify_initsystem
- sends a startup notification to supervisor using libsvctl.soinstall_crashhandler
- installs a crashhandler using libubacktrace.sowatchdog_start
- registers a watchdog using libwdt.socreate_log_dir
- creates the logging dir/tmp/aseclogs
untrusted_endpoint
- gets the URI ipc:///var/run/untrusted.ipcalloc_handle_list
- create the list for requesting clients
Unlike other daemons untrustedd does not create and serve untrusted.ipc permanently but on demand.
untrustedd communicates with trustedd if it is reachable at tcp6://[fd62:c5d3:4303:c662::1]:51000
.
Here some related error messages:
$ strings usr/bin/untrustedd | grep -i 'trusted ' Trusted not responding. Probably dead. Panic! Connecting to trusted failed Initialization of trusted failed: %s
This is done via the cpunet0 interface so it is retargetable to another CPU. Excerpt from rc.cpunet:
ip address add fd62:c5d3:4303:c662::2/64 dev cpunet0
Logging
untrustedd writes its logs to /tmp/aseclogs
in 32 KB ringbuffers named untrustedd-<pid>
.
log_line_with_file
- log a line to the current ringbuffer, possibly creating it
root@fritz:/var/mod/root# ls -lh /tmp/aseclogs --w------- 1 root root 32.0K Jan 1 01:00 untrustedd-277 --w------- 1 root root 32.0K Jan 3 12:28 untrustedd-2910 --w------- 1 root root 32.0K Jan 3 12:29 untrustedd-2930
root@fritz:/var/mod/root# uhexdump /tmp/aseclogs/untrustedd-277 | head -n 5 0000 30303030 30303038 2E333733 33313820 30312E30 00000008.373318 01.0 0014 312E3730 2F30303A 30303A30 3820756E 74727573 1.70/00:00:08 untrus 0028 7465645F 6170692E 633A3138 33204461 74616261 ted_api.c:183 Databa 003c 73652069 7320656D 7074792E 0A000000 00000000 se is empty......... 0050 00000000 00000000 00000000 00000000 00000000 ....................
All per <pid> logfiles can be dumped at once using asec_dump_logs.
Database
untrustedd maintains its database in /var/flash/asec
which normally is empty.
Here some related error messages:
$ strings /usr/bin/untrustedd | grep -i database Cannot open database file: %s Database write failed: %s Flushing database failed. Database file %s does not exist Error reading database: %s Database is empty. Database broken -> Use empty database.
untrustedd uses efficient non blocking Read-Copy-Update (RCU) technology to maintain the database cache in realtime,
provided by liburcu.so and liburcu-common.so. Multiple processes, threads or even CPUs can write at once without problems.
The caching also prevents the flash from fast aging, flushing the database and flashing it can be performed independently.
Messaging
data conversion:
conv_bytes_to_hex
conv_utf8_to_utf16le
group filtering:
group_match
group_parse_group
group_parse_matcher
requester socket:
requester_socket_init
msg_receive_request
msg_receive_request_async
msg_send_request_async
(???)
reply socket:
replier_socket_init
msg_encode_reply
replier_reply
Config
Daily updated index of Configuration files accessed by this command. Last update: 2024-12-21 07:02 GMT.
A -
in the Mod
column marks manual research, the Firmware
then shows where the item occurs, not the Relation
.
Relation | Typ | Object | Mod | Firmware | Info | Origin |
---|---|---|---|---|---|---|
Config from | tffs | asec (tffs) | - | 7.19 - 8.00 | TODO | AVM |
1 config relation for this command |
Source
The names of source files compiled into an executable often help to understand function blocks (and show gaps in the docs).
fw 7.29 source files:
$ strings /usr/bin/untrustedd | grep -e '\.c$' -e '\.cpp$' /GU/ASEC_cortexa9_build/src/main/untrusted/src/untrustedd.c /GU/ASEC_cortexa9_build/src/main/untrusted/src/untrusted_api.c /GU/ASEC_cortexa9_build/src/main/untrusted/src/blob.c /GU/ASEC_cortexa9_build/src/main/trusted/src/trusted_api.c /GU/ASEC_cortexa9_build/src/main/trusted/src/database.c /GU/ASEC_cortexa9_build/src/main/trusted/src/ntlm.c /GU/ASEC_cortexa9_build/src/main/trusted/src/otp_compat.c
Early untrustedd nearly contained the complete trustedd source (except logserver.c), but this was changed:
fw 7.39 source files:
$ strings /usr/bin/untrustedd | grep -e '\.c$' -e '\.cpp$' /GU/ASEC_grx5_build/src/main/untrusted/src/untrustedd.c /GU/ASEC_grx5_build/src/main/untrusted/src/untrusted_api.c /GU/ASEC_grx5_build/src/main/untrusted/src/blob.c
Dependencies
Daily updated index of all dependencies of this command. Last update: 2024-12-21 07:44 GMT.
A *
in the Mod
column marks info from Supportdata-Probes, which will always stay incomplete.
Relation | Typ | Object | Mod | Firmware | Info | Origin |
---|---|---|---|---|---|---|
Started by | serv | untrustedd.service | 37 | 7.19 - 8.00 | supervisor service for untrustedd. | AVM |
Runs as | proc | untrustedd (process) | 31* | 7.08 - 8.00 | Process running untrustedd | AVM |
Registers | wdog | untrustedd (watchdog) | 30* | 7.08 - 8.00 | Watchdog for untrustedd | AVM |
Serving | sock | untrusted.ipc | 31* | 7.08 - 8.00 | TODO | AVM |
Depends on | lib | ld.so | 27 | 7.08 - 8.00 | Dynamic linker / loader | Linux |
Depends on | lib | libasecutils.so | 37 | 7.19 - 8.00 | ASEC databasee server API | AVM |
Depends on | lib | libatomic.so | 40 | 7.08 - 8.00 | GNU atomic library | Linux |
Depends on | lib | libavmcsock.so | 5 | 7.08 | Networking, I/O and helper functions | AVM |
Depends on | lib | libavmwdt.so | 17 | 7.61 - 8.00 | AVM-Watchdogs management API | AVM |
Depends on | lib | libbacktrace.so | 37 | 7.08 - 8.00 | Crash handler and logger | AVM |
Depends on | lib | libc.so | 40 | 7.08 - 8.00 | Standard C library | Linux |
Depends on | lib | libcore.so | 17 | 7.61 - 8.00 | Gathers the MAC addresses of the device and maintains its device mode. | AVM |
Depends on | lib | libcrypto.so | 32 | 7.08 - 8.00 | OpenSSL general crypto and X.509 library | Linux |
Depends on | lib | libdl.so | 3 | 7.19 - 7.80 | Dynamic linking library | Linux |
Depends on | lib | libminneapolis.so | 37 | 7.19 - 8.00 | Minneapolis datastore encoder / decoder | AVM |
Depends on | lib | libnsl.so | 2 | 7.90 - 8.00 | Network Information Service (NIS) support | Linux |
Depends on | lib | libpthread.so | 17 | 7.08 - 8.00 | POSIX threading library | Linux |
Depends on | lib | librt.so | 3 | 7.90 - 8.00 | POSIX realtime extensions library | Linux |
Depends on | lib | libsvctl.so | 37 | 7.19 - 8.00 | supervisor notification library | AVM |
Depends on | lib | libubacktrace.so | 14 | 7.08 | Standalone library for backtrace | Linux |
Depends on | lib | liburcu-common.so | 27 | 7.19 - 7.81 | Userspace Read-Copy-Update (RCU). | Linux |
Depends on | lib | liburcu.so | 27 | 7.19 - 7.81 | Userspace Read-Copy-Update (RCU). | Linux |
Depends on | lib | libwdt.so | 38 | 7.08 - 7.81 | AVM-Watchdogs management API | AVM |
Depends on | lib | libz.so | 29 | 7.08 - 7.81 | Zlib compressor / decompressor | Linux |
24 dependencies for this command |
Model-Matrix
Daily updated index of the presence, path and size of this command for each model. Last update: 2024-12-21 05:44 GMT.
Showing all models using this command. Click any column header (click-wait-click) to sort the list by the respective data.
The (main/scrpn/boot/arm/prx/atom/rtl)
label in the Model
column shows which CPU is meant for Multi-Linux models.
Note that this list is merged from Firmware-Probes of all known AVM firmware for a model, including Recovery.exe and Labor-Files.
Model | Firmware | Path | Size |
---|---|---|---|
FRITZ!Box 3490 (main) | 7.27 - 7.30 | /usr/bin | 54.3k |
FRITZ!Box 4040 | 7.08 - 8.00 | /usr/bin | 57.5k - 765k |
FRITZ!Box 4050 | 7.58 - 7.90 | /usr/bin | 57.6k - 61.6k |
FRITZ!Box 4060 | 7.29 - 7.90 | /usr/bin | 57.5k - 61.6k |
FRITZ!Box 5490 (main) | 7.27 - 7.29 | /usr/bin | 54.3k |
FRITZ!Box 5491 (main) | 7.27 - 7.29 | /usr/bin | 54.3k |
FRITZ!Box 5530 Fiber (main) | 7.21 - 8.00 | /usr/bin | 9.6k - 13.8k |
FRITZ!Box 5590 Fiber (main) | 7.29 - 8.00 | /usr/bin | 57.4k - 61.6k |
FRITZ!Box 5690 Pro (main) | 7.62 | /usr/bin | 53.5k |
FRITZ!Box 6430 Cable (atom) | 7.29 | /usr/bin | 65.3k |
FRITZ!Box 6490 Cable (atom) | 7.19 - 7.51 | /usr/bin | 65.3k - 73.8k |
FRITZ!Box 6590 Cable (atom) | 7.19 - 7.51 | /usr/bin | 65.3k - 73.8k |
FRITZ!Box 6591 Cable (atom) | 7.19 - 8.00 | /usr/bin | 61.3k - 73.5k |
FRITZ!Box 6690 Cable (atom) | 7.28 - 7.90 | /usr/bin | 61.3k - 73.5k |
FRITZ!Box 6820 LTE v1 (main) | 7.08 - 7.59 | /usr/bin | 54.3k - 211k |
FRITZ!Box 6820 LTE v2 (main) | 7.08 - 7.59 | /usr/bin | 54.3k - 211k |
FRITZ!Box 6820 LTE v3 (main) | 7.19 - 7.57 | /usr/bin | 54.3k - 58.5k |
FRITZ!Box 6820 LTE v4 | 7.59 | /usr/bin | 58.5k |
FRITZ!Box 6850 LTE | 7.21 - 7.90 | /usr/bin | 9.6k - 61.6k |
FRITZ!Box 6850 5G | 7.24 - 7.90 | /usr/bin | 57.5k - 61.6k |
FRITZ!Box 6890 LTE (main) | 7.08 - 7.57 | /usr/bin | 9.6k - 978k |
FRITZ!Box 6890 LTE v1 (main) | 7.08 - 7.57 | /usr/bin | 9.6k - 978k |
FRITZ!Box 6890 LTE v2 (main) | 7.08 - 7.57 | /usr/bin | 9.6k - 978k |
FRITZ!Box 7430 (main) | 7.21 - 7.31 | /usr/bin | 54.3k |
FRITZ!Box 7490 (main) | 7.08 - 7.51 | /usr/bin | 54.3k - 790k |
FRITZ!Box 7510 | 7.30 - 8.00 | /usr/bin | 57.5k - 61.6k |
FRITZ!Box 7520 | 7.08 - 8.00 | /usr/bin | 57.5k - 175k |
FRITZ!Box 7520 v2 (main) | 7.30 - 8.00 | /usr/bin | 57.5k - 61.6k |
FRITZ!Box 7530 | 7.08 - 8.00 | /usr/bin | 57.5k - 765k |
FRITZ!Box 7530 AX | 7.20 - 8.00 | /usr/bin | 53.7k - 57.6k |
FRITZ!Box 7560 (main) | 7.24 - 7.30 | /usr/bin | 9.6k |
FRITZ!Box 7580 (main) | 7.08 - 7.30 | /usr/bin | 9.6k - 270k |
FRITZ!Box 7583 (main) | 7.21 - 7.59 | /usr/bin | 9.6k - 9.7k |
FRITZ!Box 7583 VDSL (main) | 7.19 - 7.59 | /usr/bin | 9.6k - 9.7k |
FRITZ!Box 7590 (main) | 7.08 - 7.90 | /usr/bin | 9.5k - 978k |
FRITZ!Box 7590 AX (main) | 7.19 - 7.80 | /usr/bin | 9.6k - 9.7k |
FRITZ!Box 7690 | 7.61 - 7.90 | /usr/bin | 53.5k - 57.6k |
FRITZ!WLAN Repeater 1750E | /usr/bin | 790k | |
FRITZ!Repeater 3000 | 7.08 | /usr/bin | 765k |
FRITZ!Powerline 1260E | 7.08 | /usr/bin | 765k |
40 models use this command |
Symbols
Daily updated index of all symbols of this command. Last update: 2024-12-21 07:44 GMT.
Firmware | Symbol |
---|---|
7.08 - 8.00 | main |
1 symbol for this command |