Tuesday, August 24, 2021

High CPU Use From trustd

Jeff Johnson (tweet, 2):

I’ve heard from several other people who started noticing the same issue yesterday too, one of whom helpfully referred me to this reddit thread with even more reports. On investigation, I found that the nsurlsessiond process was connecting to the server valid.apple.com, and immediately afterward trustd CPU jumped from 0% to 100%. It seems that the issue can be temporarily solved by preventing nsurlsessiond from connecting to valid.apple.com. You may have to reboot or force quit trustd to get its CPU usage back to normal. It’s important to note that this is only a temporary workaround to the CPU usage problem; trustd is an important macOS system process that checks certificate validity and revocation status, so you probably don’t want to block valid.apple.com forever.

I’ve been seeing long periods of high CPU use from trustd since Catalina.

My postmortem theory is that at some point Apple had some bad data in their Certificate Revocation List online, everyone downloaded the bad data, and then trustd got stuck. Anyway, it looks like blocking valid.apple.com is no longer necessary after removing and regenerating the valid.sqlite3 database.

To delete the database you need to reboot into macOS Recovery, and then find the SQLite file on the main boot drive, not at the recovery’s /private/var/protected/trustd/.

The problem is also seen on iOS, though it’s not clear how to fix it unless your device is jailbroken.

Previously:

4 Comments RSS · Twitter

Corentin Cras-Méneur
August 27, 2021 1:25 PM

/private/var/protected/trustd/ doesn’t exist in Catalina.
The valid.sqlite3 database lives in /Library/Keychains/crls/ in this version of MacOS X (and I haven’t checked in later versions).

Andrew Swift
September 2, 2021 4:07 AM

/private/var/protected/trustd/ does exist in Monterey (Beta 6).

I am trying the steps listed in this article: https://www.reddit.com/r/jailbreak/comments/ncfprs/tutorial_a_fix_for_the_trustd_process_constantly/

because the computer is just killing my internet connection — nothing else in the house can even download a text file when the MB running Monterey is connected.

- restart w/ cmd-R
- in terminal cd /Volumes/[HD name]/private/var/protected/trustd
- rm *.sqlite3
- reboot

I'll come back and report if it works.

Andrew Swift
September 3, 2021 8:27 AM

Nope, didn't work. It turns out it was just my computer updating the Photos library. You can delete my two comments if you want ;-).

Love your blog, always have.

Axel
April 14, 2022 4:29 AM

Hello @all,

I've been struggling on this for a while. I think that (in some particular cases) Andrew Swift may be right in his last comment. I was also suspecting this, even if I don't understand the link between trustd and Photos. But one argument in favor, I didn't use Photos until last week when I imported 7000 photos at once. I also spent some time on defining faces, so I guess the app must process every picture on looking and matching faces. The analysis of all my photos is not over yet, 7 days later. That may explain why my macbook's fans are blowing half of the time.
Thanks

Leave a Comment

Copyright © 2000–2024 Michael Tsai.