tree-wide: fix typo

NEWS

@@ -33,7 +33,7 @@ CHANGES WITH 255 in spe:
           by default when combined with --scope, will be changed in a future
           release to be enabled by default.
 
-        * "systemctl switch-root" is now restricted to initrd transtions only.
+        * "systemctl switch-root" is now restricted to initrd transitions only.
           Transitions between real systems should be done with "systemctl soft-reboot"
           instead.
 

TODO

@@ -201,7 +201,7 @@ Features:
 * add a new PE binary section ".mokkeys" or so which sd-stub will insert into
   Mok keyring, by overriding/extending whatever shim sets in the EFI
   var. Benefit: we can extend the kernel module keyring at ukify time,
-  i.e. without recompiling the kernel, taking an upstrem OS' kernel and adding
+  i.e. without recompiling the kernel, taking an upstream OS' kernel and adding
   a local key to it.
 
 * PidRef conversion work:
@@ -244,7 +244,7 @@ Features:
 
 * similar, add the same for journal stream clients that log too much
 
-* systemd-mount sould only consider modern file systems when mounting, similar
+* systemd-mount should only consider modern file systems when mounting, similar
   to systemd-dissect
 
 * new "systemd-pcrlock" component for dealing with PCR4. Design idea:
@@ -512,7 +512,7 @@ Features:
 
 * sd-boot: make boot loader spec type #1 accept http urls in "linux"
   lines. Then, do the uefi http dance to download kernels and boot them. This
-  is then useful for network boot, by embdedding a cpio with type #1 snippets
+  is then useful for network boot, by embedding a cpio with type #1 snippets
   in sd-boot, which reference remote kernels.
 
 * maybe prohibit setuid() to the nobody user, to lock things down, via seccomp.
@@ -767,7 +767,7 @@ Features:
 * systemd-measure: allow operating with PEM certificates in addition to PEM
   public keys when signing PCR values. SecureBoot and our Verity signatures
   operate with certificates already, hence I guess we should also just deal for
-  convencience with certificates for the PCR stuff too.
+  convenience with certificates for the PCR stuff too.
 
 * systemd-measure: add --pcrpkey-auto as an alternative to --pcrpkey=, where it
   would just use the same public key specified with --public-key= (or the one

man/sd_event_set_signal_exit.xml

@@ -39,7 +39,7 @@
 
     <para><function>sd_event_set_signal_exit()</function> may be used to ensure the event loop terminates
     once a <constant>SIGINT</constant> or <constant>SIGTERM</constant> signal is received. It is a
-    convencience wrapper around invocations of
+    convenience wrapper around invocations of
     <citerefentry><refentrytitle>sd_event_add_signal</refentrytitle><manvolnum>3</manvolnum></citerefentry>
     for both signals. The two signals are automatically added to the calling thread's signal mask (if a
     program is multi-threaded care should be taken to either invoke this function before the first thread is

src/basic/list.h

@@ -195,7 +195,7 @@
 #define LIST_CLEAR(name, head, free_func)       \
         _LIST_CLEAR(name, head, free_func, UNIQ_T(elem, UNIQ))
 
-/* Clear the list, destroing each element with free_func */
+/* Clear the list, destroying each element with free_func */
 #define _LIST_CLEAR(name, head, free_func, elem)        \
         ({                                              \
                 typeof(head) elem;                      \

src/boot/efi/UEFI_SECURITY.md

@@ -56,7 +56,7 @@ only load them after `ExitBootServices()` has been called.
 
 Another mechanism is supported by `systemd-boot` and `systemd-stub` to add additional payloads to the boot
 process: `addons`. Addons are PE signed binaries that can carry kernel command line arguments or Devicetree
-blobs (more might be added in the future). In constrast to the user-specified additions in the Type #1 case
+blobs (more might be added in the future). In contrast to the user-specified additions in the Type #1 case
 described above, these addons are loaded through the UEFI image loading protocol, and thus are subject to
 signature validation, and will be rejected if not signed or if the signature is invalid, following the
 standard SecureBoot model. They are also measured in the TPM.

src/boot/efi/ticks.c

@@ -36,7 +36,7 @@ static uint64_t ticks_freq_arch(void) {
 
         uint64_t freq = crystal_hz;
         if (crystal_hz == 0) {
-                /* If the crystal frquency is not available, try to deduce it from
+                /* If the crystal frequency is not available, try to deduce it from
                  * the processor frequency leaf if available. */
                 if (max_leaf < 0x16)
                         return 0;

src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c

@@ -50,7 +50,7 @@ static int luks2_pkcs11_callback(
         /* Called for every token matching our URI */
         r = pkcs11_token_login_by_pin(m, session, token_info, token_label, data->pin, data->pin_size);
         if (r == -ENOLCK) {
-                /* Referesh the token info, so that we can prompt knowing the new flags if they changed. */
+                /* Refresh the token info, so that we can prompt knowing the new flags if they changed. */
                 rv = m->C_GetTokenInfo(slot_id, &updated_token_info);
                 if (rv != CKR_OK) {
                         crypt_log_error(data->cd,

src/home/homework-luks.c

@@ -3197,7 +3197,7 @@ int home_resize_luks(
 
                 old_image_size = st.st_size;
 
-                /* Note an asymetry here: when we operate on loopback files the specified disk size we get we
+                /* Note an asymmetry here: when we operate on loopback files the specified disk size we get we
                  * apply onto the loopback file as a whole. When we operate on block devices we instead apply
                  * to the partition itself only. */
 

src/nspawn/nspawn-mount.c

@@ -693,7 +693,7 @@ int mount_all(const char *dest,
                 if (FLAGS_SET(mount_table[k].mount_settings, MOUNT_PREFIX_ROOT)) {
                         /* Optionally prefix the mount source with the root dir. This is useful in bind
                          * mounts to be created within the container image before we transition into it. Note
-                         * that MOUNT_IN_USERNS is run after we transitioned hence prefixing is not ncessary
+                         * that MOUNT_IN_USERNS is run after we transitioned hence prefixing is not necessary
                          * for those. */
                         r = chase(mount_table[k].what, dest, CHASE_PREFIX_ROOT, &prefixed, NULL);
                         if (r < 0)

src/shared/openssl-util.c

@@ -112,7 +112,7 @@ int openssl_digest_many(
                 return log_openssl_errors("Failed to create new EVP_MD_CTX");
 
         if (!EVP_DigestInit_ex(ctx, md, NULL))
-                return log_openssl_errors("Failed to initializate EVP_MD_CTX");
+                return log_openssl_errors("Failed to initialize EVP_MD_CTX");
 
         for (size_t i = 0; i < n_data; i++)
                 if (!EVP_DigestUpdate(ctx, data[i].iov_base, data[i].iov_len))
@@ -188,7 +188,7 @@ int openssl_hmac_many(
                 return log_openssl_errors("Failed to build HMAC OSSL_PARAM");
 
         if (!EVP_MAC_init(ctx, key, key_size, params))
-                return log_openssl_errors("Failed to initializate EVP_MAC_CTX");
+                return log_openssl_errors("Failed to initialize EVP_MAC_CTX");
 #else
         _cleanup_(HMAC_CTX_freep) HMAC_CTX *ctx = HMAC_CTX_new();
         if (!ctx)

src/shared/pkcs11-util.c

@@ -391,7 +391,7 @@ int pkcs11_token_login(
                         if (r != -ENOLCK)
                                 return r;
 
-                        /* Referesh the token info, so that we can prompt knowing the new flags if they changed. */
+                        /* Refresh the token info, so that we can prompt knowing the new flags if they changed. */
                         rv = m->C_GetTokenInfo(slotid, &updated_token_info);
                         if (rv != CKR_OK)
                                 return log_error_errno(SYNTHETIC_ERRNO(EIO),

src/shared/serialize.c

@@ -53,7 +53,7 @@ int serialize_item_escaped(FILE *f, const char *key, const char *value) {
 
 int serialize_item_format(FILE *f, const char *key, const char *format, ...) {
         _cleanup_free_ char *allocated = NULL;
-        char buf[256]; /* Something resonably short that fits nicely on any stack (i.e. is considerably less
+        char buf[256]; /* Something reasonably short that fits nicely on any stack (i.e. is considerably less
                         * than LONG_LINE_MAX (1MiB!) */
         const char *b;
         va_list ap;

src/shared/tpm2-util.c

@@ -670,7 +670,7 @@ int tpm2_context_new(const char *device, Tpm2Context **ret_context) {
 
         r = tpm2_cache_capabilities(context);
         if (r < 0)
-                return log_debug_errno(r, "Failed to cache TPM capbilities: %m");
+                return log_debug_errno(r, "Failed to cache TPM capabilities: %m");
 
         /* We require AES and CFB support for session encryption. */
         if (!tpm2_supports_alg(context, TPM2_ALG_AES))
@@ -862,7 +862,7 @@ int tpm2_index_from_handle(Tpm2Context *c, const Tpm2Handle *handle, TPM2_HANDLE
  *
  * Returns 1 if the object was successfully persisted, or 0 if there is already a key at the requested
  * handle, or < 0 on error. Theoretically, this would also return 0 if no specific persistent handle is
- * requiested but all persistent handles are used, but it is extremely unlikely the TPM has enough internal
+ * requested but all persistent handles are used, but it is extremely unlikely the TPM has enough internal
  * memory to store the entire persistent range, in which case an error will be returned if the TPM is out of
  * memory for persistent storage. The persistent handle is only provided when returning 1. */
 static int tpm2_persist_handle(
@@ -4636,7 +4636,7 @@ int tpm2_extend_bytes(
                 values.count++;
         }
 
-        /* Open + lock the log file *before* we start measuring, so that noone else can come between our log
+        /* Open + lock the log file *before* we start measuring, so that no one else can come between our log
          * and our measurement and change either */
         log_fd = tpm2_userspace_log_open();
 

src/test/test-blockdev-util.c

@@ -12,7 +12,7 @@ static void test_path_is_encrypted_one(const char *p, int expect) {
                 /* This might fail, if btrfs is used and we run in a container. In that case we cannot
                  * resolve the device node paths that BTRFS_IOC_DEV_INFO returns, because the device nodes
                  * are unlikely to exist in the container. But if we can't stat() them we cannot determine
-                 * the dev_t of them, and thus cannot figure out if they are enrypted. Hence let's just
+                 * the dev_t of them, and thus cannot figure out if they are encrypted. Hence let's just
                  * ignore ENOENT here. Also skip the test if we lack privileges. */
                 return;
         assert_se(r >= 0);

src/test/test-watch-pid.c

@@ -42,7 +42,7 @@ int main(int argc, char *argv[]) {
         assert_se(unit_add_name(c, "c.service") >= 0);
         assert_se(set_isempty(c->pids));
 
-        /* Fork off a child so thta we have a PID to watch */
+        /* Fork off a child so that we have a PID to watch */
         _cleanup_(sigkill_waitp) pid_t pid = 0;
         pid = fork();
         if (pid == 0) {

src/vconsole/vconsole-setup.c

@@ -512,7 +512,7 @@ static int find_source_vc(char **ret_path, unsigned *ret_idx) {
 
                 r = verify_vc_allocation(i);
                 if (r < 0) {
-                        log_debug_errno(r, "VC %u existance check failed, skipping: %m", i);
+                        log_debug_errno(r, "VC %u existence check failed, skipping: %m", i);
                         RET_GATHER(err, r);
                         continue;
                 }

test/test-network/systemd-networkd-tests.py

@@ -5142,7 +5142,7 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
         self.wait_online(['veth-peer:carrier'])
 
         # Note that at this point the DHCPv6 client has not been started because no RA (with managed
-        # bit set) has yet been recieved and the configuration does not include WithoutRA=true
+        # bit set) has yet been received and the configuration does not include WithoutRA=true
         state = get_dbus_dhcp6_client_state('veth99')
         print(f"State = {state}")
         self.assertEqual(state, 'stopped')

test/units/testsuite-70.sh

@@ -96,7 +96,7 @@ tpm2_pcrextend 0:sha256=00000000000000000000000000000000000000000000000000000000
 (! systemd-cryptsetup attach test-volume "$img" - tpm2-device=auto,headless=1)
 
 if tpm_has_pcr sha256 12; then
-    # Enroll using an explict PCR value (that does match current PCR value)
+    # Enroll using an explicit PCR value (that does match current PCR value)
     systemd-cryptenroll --wipe-slot=tpm2 "$img"
     EXPECTED_PCR_VALUE=$(cat /sys/class/tpm/tpm0/pcr-sha256/12)
     PASSWORD=passphrase systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs="12:sha256=$EXPECTED_PCR_VALUE" "$img"

test/units/testsuite-72.sh

@@ -76,8 +76,8 @@ verify_version() {
     # $1: block device
     # $2: sector size
     # $3: version
-    # $4: partiton number of part1
+    # $4: partition number of part1
-    # $5: partiton number of part2
+    # $5: partition number of part2
 
     gpt_reserved_sectors=$(( 1024 * 1024 / $2 ))
     part1_offset=$(( ( $4 - 1 ) * 2048 + gpt_reserved_sectors ))