mirrors/systemd
0
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-23 10:13:34 +08:00
Code Issues Packages Projects Releases Wiki Activity

tree-wide: fix typo

Browse Source
This commit is contained in:
Yu Watanabe 2023-10-04 08:58:10 +09:00
parent 31438511e0
commit fcdd21ec6a
19 changed files with 26 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
NEWS
View File

@ -33,7 +33,7 @@ CHANGES WITH 255 in spe:
by default when combined with --scope, will be changed in a future
release to be enabled by default.
* "systemctl switch-root" is now restricted to initrd transtions only.
* "systemctl switch-root" is now restricted to initrd transitions only.
Transitions between real systems should be done with "systemctl soft-reboot"
instead.

8
TODO
View File

@ -201,7 +201,7 @@ Features:
* add a new PE binary section ".mokkeys" or so which sd-stub will insert into
Mok keyring, by overriding/extending whatever shim sets in the EFI
var. Benefit: we can extend the kernel module keyring at ukify time,
i.e. without recompiling the kernel, taking an upstrem OS' kernel and adding
i.e. without recompiling the kernel, taking an upstream OS' kernel and adding
a local key to it.
* PidRef conversion work:
@ -244,7 +244,7 @@ Features:
* similar, add the same for journal stream clients that log too much
* systemd-mount sould only consider modern file systems when mounting, similar
* systemd-mount should only consider modern file systems when mounting, similar
to systemd-dissect
* new "systemd-pcrlock" component for dealing with PCR4. Design idea:
@ -512,7 +512,7 @@ Features:
* sd-boot: make boot loader spec type #1 accept http urls in "linux"
lines. Then, do the uefi http dance to download kernels and boot them. This
is then useful for network boot, by embdedding a cpio with type #1 snippets
is then useful for network boot, by embedding a cpio with type #1 snippets
in sd-boot, which reference remote kernels.
* maybe prohibit setuid() to the nobody user, to lock things down, via seccomp.
@ -767,7 +767,7 @@ Features:
* systemd-measure: allow operating with PEM certificates in addition to PEM
public keys when signing PCR values. SecureBoot and our Verity signatures
operate with certificates already, hence I guess we should also just deal for
convencience with certificates for the PCR stuff too.
convenience with certificates for the PCR stuff too.
* systemd-measure: add --pcrpkey-auto as an alternative to --pcrpkey=, where it
would just use the same public key specified with --public-key= (or the one

2
man/sd_event_set_signal_exit.xml
View File

@ -39,7 +39,7 @@
<para><function>sd_event_set_signal_exit()</function> may be used to ensure the event loop terminates
once a <constant>SIGINT</constant> or <constant>SIGTERM</constant> signal is received. It is a
convencience wrapper around invocations of
convenience wrapper around invocations of
<citerefentry><refentrytitle>sd_event_add_signal</refentrytitle><manvolnum>3</manvolnum></citerefentry>
for both signals. The two signals are automatically added to the calling thread's signal mask (if a
program is multi-threaded care should be taken to either invoke this function before the first thread is

2
src/basic/list.h
View File

@ -195,7 +195,7 @@
#define LIST_CLEAR(name, head, free_func) \
_LIST_CLEAR(name, head, free_func, UNIQ_T(elem, UNIQ))
/* Clear the list, destroing each element with free_func */
/* Clear the list, destroying each element with free_func */
#define _LIST_CLEAR(name, head, free_func, elem) \
({ \
typeof(head) elem; \

2
src/boot/efi/UEFI_SECURITY.md
View File

@ -56,7 +56,7 @@ only load them after `ExitBootServices()` has been called.
Another mechanism is supported by `systemd-boot` and `systemd-stub` to add additional payloads to the boot
process: `addons`. Addons are PE signed binaries that can carry kernel command line arguments or Devicetree
blobs (more might be added in the future). In constrast to the user-specified additions in the Type #1 case
blobs (more might be added in the future). In contrast to the user-specified additions in the Type #1 case
described above, these addons are loaded through the UEFI image loading protocol, and thus are subject to
signature validation, and will be rejected if not signed or if the signature is invalid, following the
standard SecureBoot model. They are also measured in the TPM.

2
src/boot/efi/ticks.c
View File

@ -36,7 +36,7 @@ static uint64_t ticks_freq_arch(void) {
uint64_t freq = crystal_hz;
if (crystal_hz == 0) {
/* If the crystal frquency is not available, try to deduce it from
/* If the crystal frequency is not available, try to deduce it from
* the processor frequency leaf if available. */
if (max_leaf < 0x16)
return 0;

2
src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c
View File

@ -50,7 +50,7 @@ static int luks2_pkcs11_callback(
/* Called for every token matching our URI */
r = pkcs11_token_login_by_pin(m, session, token_info, token_label, data->pin, data->pin_size);
if (r == -ENOLCK) {
/* Referesh the token info, so that we can prompt knowing the new flags if they changed. */
/* Refresh the token info, so that we can prompt knowing the new flags if they changed. */
rv = m->C_GetTokenInfo(slot_id, &updated_token_info);
if (rv != CKR_OK) {
crypt_log_error(data->cd,

2
src/home/homework-luks.c
View File

@ -3197,7 +3197,7 @@ int home_resize_luks(
old_image_size = st.st_size;
/* Note an asymetry here: when we operate on loopback files the specified disk size we get we
/* Note an asymmetry here: when we operate on loopback files the specified disk size we get we
* apply onto the loopback file as a whole. When we operate on block devices we instead apply
* to the partition itself only. */

2
src/nspawn/nspawn-mount.c
View File

@ -693,7 +693,7 @@ int mount_all(const char *dest,
if (FLAGS_SET(mount_table[k].mount_settings, MOUNT_PREFIX_ROOT)) {
/* Optionally prefix the mount source with the root dir. This is useful in bind
* mounts to be created within the container image before we transition into it. Note
* that MOUNT_IN_USERNS is run after we transitioned hence prefixing is not ncessary
* that MOUNT_IN_USERNS is run after we transitioned hence prefixing is not necessary
* for those. */
r = chase(mount_table[k].what, dest, CHASE_PREFIX_ROOT, &prefixed, NULL);
if (r < 0)

4
src/shared/openssl-util.c
View File

@ -112,7 +112,7 @@ int openssl_digest_many(
return log_openssl_errors("Failed to create new EVP_MD_CTX");
if (!EVP_DigestInit_ex(ctx, md, NULL))
return log_openssl_errors("Failed to initializate EVP_MD_CTX");
return log_openssl_errors("Failed to initialize EVP_MD_CTX");
for (size_t i = 0; i < n_data; i++)
if (!EVP_DigestUpdate(ctx, data[i].iov_base, data[i].iov_len))
@ -188,7 +188,7 @@ int openssl_hmac_many(
return log_openssl_errors("Failed to build HMAC OSSL_PARAM");
if (!EVP_MAC_init(ctx, key, key_size, params))
return log_openssl_errors("Failed to initializate EVP_MAC_CTX");
return log_openssl_errors("Failed to initialize EVP_MAC_CTX");
#else
_cleanup_(HMAC_CTX_freep) HMAC_CTX *ctx = HMAC_CTX_new();
if (!ctx)

2
src/shared/pkcs11-util.c
View File

@ -391,7 +391,7 @@ int pkcs11_token_login(
if (r != -ENOLCK)
return r;
/* Referesh the token info, so that we can prompt knowing the new flags if they changed. */
/* Refresh the token info, so that we can prompt knowing the new flags if they changed. */
rv = m->C_GetTokenInfo(slotid, &updated_token_info);
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),

2
src/shared/serialize.c
View File

@ -53,7 +53,7 @@ int serialize_item_escaped(FILE *f, const char *key, const char *value) {
int serialize_item_format(FILE *f, const char *key, const char *format, ...) {
_cleanup_free_ char *allocated = NULL;
char buf[256]; /* Something resonably short that fits nicely on any stack (i.e. is considerably less
char buf[256]; /* Something reasonably short that fits nicely on any stack (i.e. is considerably less
* than LONG_LINE_MAX (1MiB!) */
const char *b;
va_list ap;

6
src/shared/tpm2-util.c
View File

@ -670,7 +670,7 @@ int tpm2_context_new(const char *device, Tpm2Context **ret_context) {
r = tpm2_cache_capabilities(context);
if (r < 0)
return log_debug_errno(r, "Failed to cache TPM capbilities: %m");
return log_debug_errno(r, "Failed to cache TPM capabilities: %m");
/* We require AES and CFB support for session encryption. */
if (!tpm2_supports_alg(context, TPM2_ALG_AES))
@ -862,7 +862,7 @@ int tpm2_index_from_handle(Tpm2Context *c, const Tpm2Handle *handle, TPM2_HANDLE
*
* Returns 1 if the object was successfully persisted, or 0 if there is already a key at the requested
* handle, or < 0 on error. Theoretically, this would also return 0 if no specific persistent handle is
* requiested but all persistent handles are used, but it is extremely unlikely the TPM has enough internal
* requested but all persistent handles are used, but it is extremely unlikely the TPM has enough internal
* memory to store the entire persistent range, in which case an error will be returned if the TPM is out of
* memory for persistent storage. The persistent handle is only provided when returning 1. */
static int tpm2_persist_handle(
@ -4636,7 +4636,7 @@ int tpm2_extend_bytes(
values.count++;
}
/* Open + lock the log file *before* we start measuring, so that noone else can come between our log
/* Open + lock the log file *before* we start measuring, so that no one else can come between our log
* and our measurement and change either */
log_fd = tpm2_userspace_log_open();

2
src/test/test-blockdev-util.c
View File

@ -12,7 +12,7 @@ static void test_path_is_encrypted_one(const char *p, int expect) {
/* This might fail, if btrfs is used and we run in a container. In that case we cannot
* resolve the device node paths that BTRFS_IOC_DEV_INFO returns, because the device nodes
* are unlikely to exist in the container. But if we can't stat() them we cannot determine
* the dev_t of them, and thus cannot figure out if they are enrypted. Hence let's just
* the dev_t of them, and thus cannot figure out if they are encrypted. Hence let's just
* ignore ENOENT here. Also skip the test if we lack privileges. */
return;
assert_se(r >= 0);

2
src/test/test-watch-pid.c
View File

@ -42,7 +42,7 @@ int main(int argc, char *argv[]) {
assert_se(unit_add_name(c, "c.service") >= 0);
assert_se(set_isempty(c->pids));
/* Fork off a child so thta we have a PID to watch */
/* Fork off a child so that we have a PID to watch */
_cleanup_(sigkill_waitp) pid_t pid = 0;
pid = fork();
if (pid == 0) {

2
src/vconsole/vconsole-setup.c
View File

@ -512,7 +512,7 @@ static int find_source_vc(char **ret_path, unsigned *ret_idx) {
r = verify_vc_allocation(i);
if (r < 0) {
log_debug_errno(r, "VC %u existance check failed, skipping: %m", i);
log_debug_errno(r, "VC %u existence check failed, skipping: %m", i);
RET_GATHER(err, r);
continue;
}

2
test/test-network/systemd-networkd-tests.py
View File

@ -5142,7 +5142,7 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
self.wait_online(['veth-peer:carrier'])
# Note that at this point the DHCPv6 client has not been started because no RA (with managed
# bit set) has yet been recieved and the configuration does not include WithoutRA=true
# bit set) has yet been received and the configuration does not include WithoutRA=true
state = get_dbus_dhcp6_client_state('veth99')
print(f"State = {state}")
self.assertEqual(state, 'stopped')

2
test/units/testsuite-70.sh
View File

@ -96,7 +96,7 @@ tpm2_pcrextend 0:sha256=00000000000000000000000000000000000000000000000000000000
(! systemd-cryptsetup attach test-volume "$img" - tpm2-device=auto,headless=1)
if tpm_has_pcr sha256 12; then
# Enroll using an explict PCR value (that does match current PCR value)
# Enroll using an explicit PCR value (that does match current PCR value)
systemd-cryptenroll --wipe-slot=tpm2 "$img"
EXPECTED_PCR_VALUE=$(cat /sys/class/tpm/tpm0/pcr-sha256/12)
PASSWORD=passphrase systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs="12:sha256=$EXPECTED_PCR_VALUE" "$img"

4
test/units/testsuite-72.sh
View File

@ -76,8 +76,8 @@ verify_version() {
# $1: block device
# $2: sector size
# $3: version
# $4: partiton number of part1
# $5: partiton number of part2
# $4: partition number of part1
# $5: partition number of part2
gpt_reserved_sectors=$(( 1024 * 1024 / $2 ))
part1_offset=$(( ( $4 - 1 ) * 2048 + gpt_reserved_sectors ))