in the service unit, as it applies to the whole control group.</para>
<para id="plural">These options cannot be bypassed by prefixing <literal>+</literal> to the executable path
- in the service unit, as it applies to the whole control group.</para>
+ in the service unit, as they apply to the whole control group.</para>
</refsect1>
<citerefentry project='man-pages'><refentrytitle>mkswap</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
This option implies <option>plain</option>.</para>
- <para>WARNING: Using the <option>swap</option> option will
- destroy the contents of the named partition during every boot,
- so make sure the underlying block device is specified
- correctly.</para>
+ <warning>
+ <para>Using the <option>swap</option> option will
+ destroy the contents of the named partition during every boot,
+ so make sure the underlying block device is specified
+ correctly.</para>
+ </warning>
<xi:include href="version-info.xml" xpointer="v186"/></listitem>
</varlistentry>
<literal>btrfs</literal>. If no argument is specified defaults to <literal>ext4</literal>. This
option implies <option>plain</option>.</para>
- <para>WARNING: Using the <option>tmp</option> option will destroy the contents of the named partition
- during every boot, so make sure the underlying block device is specified correctly.</para>
+ <warning>
+ <para>Using the <option>tmp</option> option will destroy the contents of the named partition
+ during every boot, so make sure the underlying block device is specified correctly.</para>
+ </warning>
<xi:include href="version-info.xml" xpointer="v186"/></listitem>
</varlistentry>
<title>Item type specifiers</title>
<tgroup cols='5'>
- <xi:include href="sd_bus_message_append_basic.xml" xpointer="xpointer(//table[@id='format-specifiers'])//colspec" />
+ <xi:include href="sd_bus_message_append_basic.xml" xpointer="xpointer(//table[@id='format-specifiers']//colspec)" />
<xi:include href="sd_bus_message_append_basic.xml" xpointer="xpointer(//table[@id='format-specifiers']//thead)" />
<tbody>
processes will be killed forcibly and all file systems are unmounted or remounted read-only. This is hence a
drastic but relatively safe option to request an immediate reboot. If <option>--force</option> is specified
twice for these operations (with the exception of <command>kexec</command>), they will be executed
- immediately, without terminating any processes or unmounting any file systems. Warning: specifying
- <option>--force</option> twice with any of these operations might result in data loss. Note that when
- <option>--force</option> is specified twice the selected operation is executed by
- <command>systemctl</command> itself, and the system manager is not contacted. This means the command should
- succeed even when the system manager has crashed.</para>
+ immediately, without terminating any processes or unmounting any file systems.</para>
+
+ <warning>
+ <para>Specifying
+ <option>--force</option> twice with any of these operations might result in data loss. Note that when
+ <option>--force</option> is specified twice the selected operation is executed by
+ <command>systemctl</command> itself, and the system manager is not contacted. This means the command should
+ succeed even when the system manager has crashed.</para>
+ </warning>
</listitem>
</varlistentry>
NVMe-TCP mass storage devices. Its primary use-case is to be invoked by the
<filename>storage-target-mode.target</filename> unit that can be booted into.</para>
- <para>Warning: the NVMe disks are currently exposed without authentication or encryption, in read/write
- mode. This means network peers may read from and write to the device without any restrictions. This
- functionality should hence only be used in a local setup.</para>
+ <warning>
+ <para>The NVMe disks are currently exposed without authentication or encryption, in read/write
+ mode. This means network peers may read from and write to the device without any restrictions. This
+ functionality should hence only be used in a local setup.</para>
+ </warning>
<para>Note that to function properly networking must be configured too. The recommended mechanism to boot
into a storage target mode is by adding <literal>rd.systemd.unit=storage-target-mode.target
Fallback Peer Labeling</ulink> rules. They will be removed when the interface is
deconfigured. Failures to manage the labels will be ignored.</para>
- <para>Warning: Once labeling is enabled for network traffic, a lot of LSM access control points in
- Linux networking stack go from dormant to active. Care should be taken to avoid getting into a
- situation where for example remote connectivity is broken, when the security policy hasn't been
- updated to consider LSM per-packet access controls and no rules would allow any network
- traffic. Also note that additional configuration with <citerefentry
- project='man-pages'><refentrytitle>netlabelctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- is needed.</para>
+ <warning>
+ <para>Once labeling is enabled for network traffic, a lot of LSM access control points in
+ Linux networking stack go from dormant to active. Care should be taken to avoid getting into a
+ situation where for example remote connectivity is broken, when the security policy hasn't been
+ updated to consider LSM per-packet access controls and no rules would allow any network
+ traffic. Also note that additional configuration with <citerefentry
+ project='man-pages'><refentrytitle>netlabelctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ is needed.</para>
+ </warning>
<para>Example:
<programlisting>[Address]
</refnamediv>
<refsynopsisdiv>
- <para><filename><replaceable>service</replaceable>.service</filename>,
- <filename><replaceable>socket</replaceable>.socket</filename>,
- <filename><replaceable>device</replaceable>.device</filename>,
- <filename><replaceable>mount</replaceable>.mount</filename>,
- <filename><replaceable>automount</replaceable>.automount</filename>,
- <filename><replaceable>swap</replaceable>.swap</filename>,
- <filename><replaceable>target</replaceable>.target</filename>,
- <filename><replaceable>path</replaceable>.path</filename>,
- <filename><replaceable>timer</replaceable>.timer</filename>,
- <filename><replaceable>slice</replaceable>.slice</filename>,
- <filename><replaceable>scope</replaceable>.scope</filename></para>
+ <para><simplelist type="inline">
+ <member><filename><replaceable>service</replaceable>.service</filename></member>
+ <member><filename><replaceable>socket</replaceable>.socket</filename></member>
+ <member><filename><replaceable>device</replaceable>.device</filename></member>
+ <member><filename><replaceable>mount</replaceable>.mount</filename></member>
+ <member><filename><replaceable>automount</replaceable>.automount</filename></member>
+ <member><filename><replaceable>swap</replaceable>.swap</filename></member>
+ <member><filename><replaceable>target</replaceable>.target</filename></member>
+ <member><filename><replaceable>path</replaceable>.path</filename></member>
+ <member><filename><replaceable>timer</replaceable>.timer</filename></member>
+ <member><filename><replaceable>slice</replaceable>.slice</filename></member>
+ <member><filename><replaceable>scope</replaceable>.scope</filename></member>
+ </simplelist></para>
<refsect2>
<title>System Unit Search Path</title>
<para>Typically, it is essential that applications which intend to use such a match, make
sure a suitable udev rule is installed that sets at least one property on devices that
shall be matched. See also Initialized Devices section below for more details.</para>
- <para>WARNING: <option>--initialized-nomatch</option> can potentially save a significant
- amount of time compared to re-triggering all devices in the system and e.g. can be used to
- optimize boot time. However, this is not safe to be used in a boot sequence in general.
- Especially, when udev rules for a device depend on its parent devices (e.g.
- <literal>ATTRS</literal> or <literal>IMPORT{parent}</literal> keys, see
- <citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry>
- for more details), the final state of the device becomes easily unstable with this option.
- </para>
+ <warning>
+ <para><option>--initialized-nomatch</option> can potentially save a significant
+ amount of time compared to re-triggering all devices in the system and e.g. can be used to
+ optimize boot time. However, this is not safe to be used in a boot sequence in general.
+ Especially, when udev rules for a device depend on its parent devices (e.g.
+ <literal>ATTRS</literal> or <literal>IMPORT{parent}</literal> keys, see
+ <citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ for more details), the final state of the device becomes easily unstable with this option.
+ </para>
+ </warning>
<xi:include href="version-info.xml" xpointer="v251"/>
</listitem>
verity protected block device. Fields are delimited by
white space.</para>
- <para>Each line is in the form<programlisting><replaceable>volume-name</replaceable> <replaceable>data-device</replaceable> <replaceable>hash-device</replaceable> <replaceable>roothash</replaceable> <replaceable>options</replaceable></programlisting>
+ <para>Each line is in the form<programlisting><replaceable>volume-name</replaceable> <replaceable>data-device</replaceable> <replaceable>hash-device</replaceable> <replaceable>roothash</replaceable> <optional><replaceable>options</replaceable></optional></programlisting>
The first four fields are mandatory, the remaining one is optional.</para>
<para>The first field contains the name of the resulting verity volume; its block device is set up
below <filename>/dev/mapper/</filename>.</para>
<para>The second field contains a path to the underlying block data device, or a specification of a block device via
- <literal>UUID=</literal> followed by the UUID.</para>
+ <varname>UUID=</varname> followed by the <replaceable>UUID</replaceable>.</para>
<para>The third field contains a path to the underlying block hash device, or a specification of a block device via
- <literal>UUID=</literal> followed by the UUID.</para>
+ <varname>UUID=</varname> followed by the <replaceable>UUID</replaceable>.</para>
- <para>The fourth field is the <literal>roothash</literal> in hexadecimal.</para>
+ <para>The fourth field is the <replaceable>roothash</replaceable> in hexadecimal.</para>
<para>The fifth field, if present, is a comma-delimited list of options. The following options are
recognized:</para>
<varlistentry>
<term><option>format=<replaceable>NUMBER</replaceable></option></term>
- <listitem><para>Specifies the hash version type. Format type 0 is original Chrome OS version. Format type 1 is
+ <listitem><para>Specifies the hash version type. Format type <literal>0</literal> is original Chrome OS version. Format type <literal>1</literal> is
modern version.</para>
<xi:include href="version-info.xml" xpointer="v254"/></listitem>
<term><option>salt=<replaceable>HEX</replaceable></option></term>
<listitem><para>Salt used for format or verification. Format is a hexadecimal string; 256 bytes long maximum;
- <literal>-</literal>is the special value for empty.</para>
+ <literal>-</literal> is the special value for empty.</para>
<xi:include href="version-info.xml" xpointer="v254"/></listitem>
</varlistentry>
<varlistentry>
<term><option>uuid=<replaceable>UUID</replaceable></option></term>
- <listitem><para>Use the provided UUID for format command instead of generating new one. The UUID must be
- provided in standard UUID format, e.g. 12345678-1234-1234-1234-123456789abc.</para>
+ <listitem><para>Use the provided <replaceable>UUID</replaceable> for format command instead of generating new one. The <replaceable>UUID</replaceable> must be
+ provided in standard <acronym>UUID</acronym> format, e.g. <literal>12345678-1234-1234-1234-123456789abc</literal>.</para>
<xi:include href="version-info.xml" xpointer="v254"/></listitem>
</varlistentry>
<term><option>panic-on-corruption</option></term>
<listitem><para>Defines what to do if a data verity problem is detected (data corruption). Without these
- options kernel fails the IO operation with I/O error. With <literal>--ignore-corruption</literal> option the
- corruption is only logged. With <literal>--restart-on-corruption</literal> or
- <literal>--panic-on-corruption</literal> the kernel is restarted (panicked) immediately.
+ options kernel fails the <acronym>IO</acronym> operation with <acronym>I/O</acronym> error. With <option>--ignore-corruption</option> option the
+ corruption is only logged. With <option>--restart-on-corruption</option> or
+ <option>--panic-on-corruption</option> the kernel is restarted (panicked) immediately.
(You have to provide way how to avoid restart loops.)</para>
<term><option>ignore-zero-blocks</option></term>
<listitem><para>Instruct kernel to not verify blocks that are expected to contain zeroes and always directly
- return zeroes instead.
+ return zeroes instead.</para>
- WARNING: Use this option only in very specific cases. This option is available since Linux kernel version 4.5.
- </para>
+ <warning>
+ <para>Use this option only in very specific cases. This option is available since Linux kernel version 4.5.</para>
+ </warning>
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
<term><option>check-at-most-once</option></term>
<listitem><para>Instruct kernel to verify blocks only the first time they are read from the data device, rather
- than every time.
+ than every time.</para>
- WARNING: It provides a reduced level of security because only offline tampering of the data device's content
- will be detected, not online tampering. This option is available since Linux kernel version 4.17.
- </para>
+ <warning>
+ <para>It provides a reduced level of security because only offline tampering of the data device's content
+ will be detected, not online tampering. This option is available since Linux kernel version 4.17.</para>
+ </warning>
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
<varlistentry>
<term><option>fec-device=<replaceable>PATH</replaceable></option></term>
- <listitem><para>Use forward error correction (FEC) to recover from corruption if hash verification fails. Use
+ <listitem><para>Use forward error correction (<acronym>FEC</acronym>) to recover from corruption if hash verification fails. Use
encoding data from the specified device. The fec device argument can be block device or file image. For format,
if fec device path doesn't exist, it will be created as file. Note: block sizes for data and hash devices must
match. Also, if the verity data_device is encrypted the fec_device should be too.</para>
<varlistentry>
<term><option>fec-offset=<replaceable>BYTES</replaceable></option></term>
- <listitem><para>This is the offset, in bytes, from the start of the FEC device to the beginning of the encoding
+ <listitem><para>This is the offset, in bytes, from the start of the <acronym>FEC</acronym> device to the beginning of the encoding
data. (Aligned on 512 bytes.)</para>
<xi:include href="version-info.xml" xpointer="v254"/></listitem>
assert(a);
val = security_assessor_find_in_policy(a, policy, "weight");
- if (val) {
+ if (val) {
if (json_variant_is_unsigned(val))
return json_variant_unsigned(val);
log_debug("JSON field 'weight' of policy for %s is not an unsigned integer, ignoring.", a->id);
assert(a);
val = security_assessor_find_in_policy(a, policy, "range");
- if (val) {
+ if (val) {
if (json_variant_is_unsigned(val))
return json_variant_unsigned(val);
log_debug("JSON field 'range' of policy for %s is not an unsigned integer, ignoring.", a->id);
assert(a);
val = security_assessor_find_in_policy(a, policy, "description_na");
- if (val) {
+ if (val) {
if (json_variant_is_string(val))
return json_variant_string(val);
log_debug("JSON field 'description_na' of policy for %s is not a string, ignoring.", a->id);
assert(a);
val = security_assessor_find_in_policy(a, policy, "description_good");
- if (val) {
+ if (val) {
if (json_variant_is_string(val))
return json_variant_string(val);
log_debug("JSON field 'description_good' of policy for %s is not a string, ignoring.", a->id);
assert(a);
val = security_assessor_find_in_policy(a, policy, "description_bad");
- if (val) {
+ if (val) {
if (json_variant_is_string(val))
return json_variant_string(val);
log_debug("JSON field 'description_bad' of policy for %s is not a string, ignoring.", a->id);
return _unlikely_(need != 0 && size > (SIZE_MAX / need));
}
-_malloc_ _alloc_(1, 2) static inline void *malloc_multiply(size_t size, size_t need) {
+_malloc_ _alloc_(1, 2) static inline void *malloc_multiply(size_t size, size_t need) {
if (size_multiply_overflow(size, need))
return NULL;
int cg_has_coredump_receive(const char *path);
-typedef enum {
+typedef enum {
CG_KEY_MODE_GRACEFUL = 1 << 0,
} CGroupKeyMode;
state = VALUE;
if (!GREEDY_REALLOC(value, n_value+2))
- return -ENOMEM;
+ return -ENOMEM;
value[n_value++] = c;
}
pu = ret_unset_variables ? &unset_variables : NULL;
pb = ret_bad_variables ? &bad_variables : NULL;
- for (e = format, i = 0; *e && i < n; e ++, i ++)
+ for (e = format, i = 0; *e && i < n; e++, i++)
switch (state) {
case WORD:
char *_p, *_n; \
size_t _l; \
while (_path[0] == '/' && _path[1] == '/') \
- _path ++; \
+ _path++; \
if (isempty(_root)) \
_ret = _path; \
else { \
} else {
if (path[path_len - 1] == '\0')
/* We expect a terminating NUL and don't print it */
- path_len --;
+ path_len--;
p = cescape_length(path, path_len);
}
break;
case 'R':
- arg_print_root_device ++;
+ arg_print_root_device++;
break;
case ARG_NO_VARIABLES:
if (r < 0)
return r;
- for (int i = 0; i < n; i ++) {
+ for (int i = 0; i < n; i++) {
_cleanup_free_ char *unit_path = NULL, *job_path = NULL;
job_path = job_dbus_path(list[i]);
mount_entry_consume_prefix(m, TAKE_PTR(target));
- m->n_followed ++;
+ m->n_followed++;
return 0;
}
*b = c;
- c[(*n) ++] = (BindMount) {
+ c[(*n)++] = (BindMount) {
.source = TAKE_PTR(s),
.destination = TAKE_PTR(d),
.read_only = item->read_only,
*m = c;
- c[(*n) ++] = (MountImage) {
+ c[(*n)++] = (MountImage) {
.source = TAKE_PTR(s),
.destination = TAKE_PTR(d),
.mount_options = TAKE_PTR(options),
*t = c;
- c[(*n) ++] = (TemporaryFileSystem) {
+ c[(*n)++] = (TemporaryFileSystem) {
.path = TAKE_PTR(p),
.options = TAKE_PTR(o),
};
/* If this is a symlink watch both the symlink inode and where it points to. If the inode is
* not a symlink both calls will install the same watch, which is redundant and doesn't
* hurt. */
- for (int follow_symlink = 0; follow_symlink < 2; follow_symlink ++) {
+ for (int follow_symlink = 0; follow_symlink < 2; follow_symlink++) {
uint32_t f = flags;
SET_FLAG(f, IN_DONT_FOLLOW, !follow_symlink);
/* Count the jobs we enqueue for restarting. This counter is maintained as long as the unit isn't
* fully stopped, i.e. as long as it remains up or remains in auto-start states. The user can reset
* the counter explicitly however via the usual "systemctl reset-failure" logic. */
- s->n_restarts ++;
+ s->n_restarts++;
s->flush_n_restarts = false;
s->notify_access_override = _NOTIFY_ACCESS_INVALID;
log_unit_warning_errno(
u, r, "Failed to enqueue %s job, ignoring: %s",
dependency_name, bus_error_message(&error, r));
- n_jobs ++;
+ n_jobs++;
}
if (n_jobs >= 0)
char buf[DECIMAL_STR_MAX(pid_t)];
const char *t = context->meta[i];
- switch(i) {
+ switch (i) {
case META_ARGV_PID:
xsprintf(buf, PID_FMT, ucred.pid);
if (hash_size == 0)
return 0;
- for (int token = 0; token < sym_crypt_token_max(CRYPT_LUKS2); token ++) {
+ for (int token = 0; token < sym_crypt_token_max(CRYPT_LUKS2); token++) {
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
_cleanup_free_ void *thash = NULL;
size_t thash_size = 0;
/* Politely refuse operating on homed volumes. The enrolled tokens for the user record and the LUKS2
* volume should not get out of sync. */
- for (int token = 0; token < crypt_token_max(CRYPT_LUKS2); token ++) {
+ for (int token = 0; token < crypt_token_max(CRYPT_LUKS2); token++) {
r = cryptsetup_get_token_as_json(cd, token, "systemd-homed", NULL);
if (IN_SET(r, -ENOENT, -EINVAL, -EMEDIUMTYPE))
continue;
dirs[n_dirs] = strdup(de->d_name);
if (!dirs[n_dirs])
return -ENOMEM;
- n_dirs ++;
+ n_dirs++;
}
if (!dirent_is_file(de))
files[n_files] = strdup(de->d_name);
if (!files[n_files])
return -ENOMEM;
- n_files ++;
+ n_files++;
}
strv_sort(dirs);
/* Implements util-linux "external helper" command line interface, as per mount(8) man page. */
while ((c = getopt(argc, argv, "sfnvN:o:t:")) >= 0) {
- switch(c) {
+ switch (c) {
case 'f':
fake = true;
for (i = 0; i < per_column; i++) {
- for (j = 0; j < n_columns; j ++) {
+ for (j = 0; j < n_columns; j++) {
_cleanup_free_ char *e = NULL;
if (j * per_column + i >= n)
return -EIO;
if (EVP_DigestVerify(md_ctx, signature, signature_size, (uint8_t*) text, strlen(text)) <= 0) {
- n_bad ++;
+ n_bad++;
continue;
}
- n_good ++;
+ n_good++;
}
return n_good > 0 ? (n_bad == 0 ? USER_RECORD_SIGNED_EXCLUSIVE : USER_RECORD_SIGNED) :
if ((uint64_t) l != sz)
return -EIO;
- for (i = 0; i < HEADER_L1_SIZE(&header); i ++) {
+ for (i = 0; i < HEADER_L1_SIZE(&header); i++) {
uint64_t l2_begin, j;
r = normalize_offset(&header, l1_table[i], &l2_begin, NULL, NULL);
if (pid_is_unwaited(c->pid) == 0)
client_context_free(s, c);
else
- idx ++;
+ idx++;
}
s->last_cache_pid_flush = t;
int r;
while (offset < buflen) {
- code = options[offset ++];
+ code = options[offset++];
switch (code) {
case SD_DHCP_OPTION_PAD:
if (buflen < offset + 1)
return -ENOBUFS;
- len = options[offset ++];
+ len = options[offset++];
if (buflen < offset + len)
return -EINVAL;
return -ENOMEM;
}
- for (i = 0; i < sz; i ++) {
+ for (i = 0; i < sz; i++) {
uint32_t v = 0;
for (j = 0; j < 8; ++j) {
if ((*flags & NAMES_FIRST_PART || *flags & NAMES_SINGLE_PART) && **names != '\0')
*flags |= NAMES_PRESENT;
- for (;*flags & NAMES_PRESENT;) {
+ while (*flags & NAMES_PRESENT) {
size_t l;
if (!*signature)
goto finish;
}
- for (int fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++) {
+ for (int fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
r = fd_cloexec(fd, true);
if (r < 0)
goto finish;
/* drop trailing newlines */
while (len > 0 && strchr(NEWLINE, _value[len - 1]))
- len --;
+ len--;
/* value length is limited to 4k */
if (len > 4096)
assert(s->inotify.inode_data->inotify_data);
if (b)
- s->inotify.inode_data->inotify_data->n_pending ++;
+ s->inotify.inode_data->inotify_data->n_pending++;
else {
assert(s->inotify.inode_data->inotify_data->n_pending > 0);
- s->inotify.inode_data->inotify_data->n_pending --;
+ s->inotify.inode_data->inotify_data->n_pending--;
}
}
if (r < 0)
return r;
if (r > 0)
- done ++;
+ done++;
}
return done;
/* If we already found the "shell" verb on the command line, and now found the next
* non-option argument, then this is the machine name and we should stop processing
* further arguments. */
- optind --; /* don't process this argument, go one step back */
+ optind--; /* don't process this argument, go one step back */
goto done;
}
if (streq(optarg, "shell"))
return log_link_warning_errno(link, r, "Failed to %s Rapid Commit support for DHCPv4 server instance: %m",
enable_disable(link->network->dhcp_server_rapid_commit));
- for (sd_dhcp_lease_server_type_t type = 0; type < _SD_DHCP_LEASE_SERVER_TYPE_MAX; type ++) {
+ for (sd_dhcp_lease_server_type_t type = 0; type < _SD_DHCP_LEASE_SERVER_TYPE_MAX; type++) {
if (!link->network->dhcp_server_emit[type].emit)
continue;
assert(directory);
assert(current_uid);
- for (;; (*current_uid) ++) {
+ for (;; (*current_uid)++) {
if (*current_uid > MAP_UID_MAX || *current_uid > max_uid)
return log_error_errno(
SYNTHETIC_ERRNO(EBUSY),
return r;
}
- (*n_array) ++;
+ (*n_array)++;
}
return 0;
#endif
}
- for (rl = 0; rl < _RLIMIT_MAX; rl ++) {
+ for (rl = 0; rl < _RLIMIT_MAX; rl++) {
if ((arg_settings_mask & (SETTING_RLIMIT_FIRST << rl)))
continue;
dns_server_unref(t->server);
t->server = dns_server_ref(server);
- t->n_picked_servers ++;
+ t->n_picked_servers++;
log_debug("Using DNS server %s for transaction %u.", strna(dns_server_string_full(t->server)), t->id);
rem = BITMAP_NUM_TO_REM(i->idx);
bitmask = UINT64_C(1) << rem;
- for (; offset < b->n_bitmaps; offset ++) {
+ for (; offset < b->n_bitmaps; offset++) {
if (b->bitmaps[offset]) {
- for (; bitmask; bitmask <<= 1, rem ++) {
+ for (; bitmask; bitmask <<= 1, rem++) {
if (b->bitmaps[offset] & bitmask) {
*n = BITMAP_OFFSET_TO_NUM(offset, rem);
i->idx = *n + 1;
* parse_compare_operator() are use on the same string? */
return _COMPARE_OPERATOR_INVALID;
- for (size_t i = 0; i < ELEMENTSOF(table); i ++) {
+ for (size_t i = 0; i < ELEMENTSOF(table); i++) {
const char *e;
if (table[i].need_mask != 0 && !FLAGS_SET(flags, table[i].need_mask))
/* Loads FIDO2 metadata from LUKS2 JSON token headers. */
- for (int token = 0; token < sym_crypt_token_max(CRYPT_LUKS2); token ++) {
+ for (int token = 0; token < sym_crypt_token_max(CRYPT_LUKS2); token++) {
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
JsonVariant *w;
_cleanup_free_ void *salt = NULL;
assert(m);
- for (; n_meta_initialized < _META_MAX; n_meta_initialized ++) {
+ for (; n_meta_initialized < _META_MAX; n_meta_initialized++) {
assert(paths[n_meta_initialized]);
if (pipe2(fds + 2*n_meta_initialized, O_CLOEXEC) < 0) {
return -ENOMEM;
n = sd_listen_fds(unset);
- for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++) {
+ for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
r = fdset_put(s, fd);
if (r < 0)
return r;
NFT_SET_SOURCE_GROUP,
_NFT_SET_SOURCE_MAX,
_NFT_SET_SOURCE_INVALID = -EINVAL,
-} NFTSetSource;
+} NFTSetSource;
typedef struct NFTSet {
NFTSetSource source;
}
fputc('\n', f);
- n_subline ++;
+ n_subline++;
} while (more_sublines);
}
if (IN_SET(*end, ',', '\0'))
break;
assert(*end == '\\');
- end ++; /* Skip the backslash */
+ end++; /* Skip the backslash */
if (*end != '\0')
- end ++; /* Skip the escaped char, but watch out for a trailing comma */
+ end++; /* Skip the escaped char, but watch out for a trailing comma */
}
NULSTR_FOREACH(name, names) {
if (r == 0)
break;
- line_number ++;
+ line_number++;
/* comment line */
if (line[0] == '#')
_cleanup_free_ char *dir = NULL;
char *p;
- path_alias ++; /* skip over slash */
+ path_alias++; /* skip over slash */
r = path_extract_directory(dst, &dir);
if (r < 0)
return -ELNRNG;
if (d >= array->depth)
array->depth = d + 1;
- array->n_elements ++;
+ array->n_elements++;
*w = (JsonVariant) {
.is_embedded = true,
source = json_variant_string(v);
k = strnlen(source, INLINE_STRING_MAX + 1);
if (k <= INLINE_STRING_MAX) {
- k ++;
+ k++;
break;
}
return -ENOMEM;
s[n++] = ch;
- c ++;
+ c++;
continue;
}
}
}
- done ++;
+ done++;
} else { /* Didn't find a matching entry! ☹️ */
return r;
} else
- done ++;
+ done++;
} else {
json_log(value, flags, 0, "Unexpected object field '%s'.", json_variant_string(key));
/* COSE_ECDH_ES256 is not usable with fido_cred_set_type() thus it's not listed here. */
static const char *fido2_algorithm_to_string(int alg) {
- switch(alg) {
+ switch (alg) {
case COSE_ES256:
return "es256";
case COSE_RS256:
if (r < 0)
return r;
- s->n_messages ++;
+ s->n_messages++;
return 0;
}
if (r < 0)
return r;
- s->n_messages ++;
+ s->n_messages++;
return 0;
}
if (r < 0)
return r;
- s->n_messages ++;
+ s->n_messages++;
return 0;
}
/* Checks if this mount point is considered "API", and hence
* should be ignored */
- for (size_t i = 0; i < ELEMENTSOF(mount_table); i ++)
+ for (size_t i = 0; i < ELEMENTSOF(mount_table); i++)
if (path_equal(path, mount_table[i].where))
return true;
dirname = mfree(dirname);
/* And now let's back out one level up */
- n_todo --;
+ n_todo--;
d = TAKE_PTR(todos[n_todo].dir);
dirname = TAKE_PTR(todos[n_todo].dirname);
old_mode = todos[n_todo].old_mode;
assert(interface);
- n_symbols ++; /* Space for trailing NULL end marker symbol */
+ n_symbols++; /* Space for trailing NULL end marker symbol */
/* Overflow check */
if (n_symbols > (SIZE_MAX - offsetof(VarlinkInterface, symbols)) / sizeof(VarlinkSymbol*))
assert(symbol);
- n_fields ++; /* Space for trailing end marker field */
+ n_fields++; /* Space for trailing end marker field */
/* Overflow check */
if (n_fields > (SIZE_MAX - offsetof(VarlinkSymbol, fields)) / sizeof(VarlinkField))
if ((major(rootdev) != 0 && rootdev == m->devnum) ||
(major(usrdev) != 0 && usrdev == m->devnum)) {
log_debug("Not detaching DM %s that backs the OS itself, skipping.", m->path);
- n_failed ++;
+ n_failed++;
continue;
}
if ((major(rootdev) != 0 && rootdev == m->devnum) ||
(major(usrdev) != 0 && usrdev == m->devnum)) {
log_debug("Not detaching MD %s that backs the OS itself, skipping.", m->path);
- n_failed ++;
+ n_failed++;
continue;
}
if (r < 0)
return log_oom();
- n_extensions ++;
+ n_extensions++;
}
/* Nothing left? Then shortcut things */
return r;
STRV_FOREACH(p, sysvrcnd_path)
- for (unsigned i = 0; i < ELEMENTSOF(rcnd_table); i ++) {
+ for (unsigned i = 0; i < ELEMENTSOF(rcnd_table); i++) {
_cleanup_closedir_ DIR *d = NULL;
_cleanup_free_ char *path = NULL;
static void destroy_callback(void *userdata) {
int *n_called = userdata;
- (*n_called) ++;
+ (*n_called)++;
}
TEST(destroy_callback) {
unsigned long p = (unsigned long)CAP_LAST_CAP;
if (prctl(PR_CAPBSET_READ, p) < 0) {
- for (p--; p > 0; p --)
+ for (p--; p > 0; p--)
if (prctl(PR_CAPBSET_READ, p) >= 0)
break;
} else {
i = 0;
uint8_t u8, u8_1 = 1, u8_2 = 2, u8_3 = 3;
VA_ARGS_FOREACH(u8, u8_2, 8, 0xff, u8_1, u8_3, 0, 1) {
- switch(i++) {
+ switch (i++) {
case 0: assert_se(u8 == u8_2); break;
case 1: assert_se(u8 == 8); break;
case 2: assert_se(u8 == 0xff); break;
i = 0;
uint32_t u32, u32_1 = 0xffff0000, u32_2 = 10, u32_3 = 0xffff;
VA_ARGS_FOREACH(u32, 1, 100, u32_2, 1000, u32_3, u32_1, 1, 0) {
- switch(i++) {
+ switch (i++) {
case 0: assert_se(u32 == 1); break;
case 1: assert_se(u32 == 100); break;
case 2: assert_se(u32 == u32_2); break;
i = 0;
uint64_t u64, u64_1 = 0xffffffffffffffff, u64_2 = 50, u64_3 = 0xffff;
VA_ARGS_FOREACH(u64, 44, 0, u64_3, 100, u64_2, u64_1, 50000) {
- switch(i++) {
+ switch (i++) {
case 0: assert_se(u64 == 44); break;
case 1: assert_se(u64 == 0); break;
case 2: assert_se(u64 == u64_3); break;
s_3 = { .a = 0xff, .b = 'q', },
s_4 = { .a = 1, .b = 'x', };
VA_ARGS_FOREACH(s, s_1, (struct test){ .a = 10, .b = 'd', }, s_2, (struct test){}, s_3, s_4) {
- switch(i++) {
+ switch (i++) {
case 0: assert_se(s.a == 0 ); assert_se(s.b == 'c'); break;
case 1: assert_se(s.a == 10 ); assert_se(s.b == 'd'); break;
case 2: assert_se(s.a == 100000); assert_se(s.b == 'z'); break;
i = 0;
struct test *p, *p_1 = &s_1, *p_2 = &s_2, *p_3 = &s_3, *p_4 = &s_4;
VA_ARGS_FOREACH(p, p_1, NULL, p_2, p_3, NULL, p_4, NULL) {
- switch(i++) {
+ switch (i++) {
case 0: assert_se(p == p_1); break;
case 1: assert_se(p == NULL); break;
case 2: assert_se(p == p_2); break;
void *v, *v_1 = p_1, *v_2 = p_2, *v_3 = p_3;
uint32_t *u32p = &u32;
VA_ARGS_FOREACH(v, v_1, NULL, u32p, v_3, p_2, p_4, v_2, NULL) {
- switch(i++) {
+ switch (i++) {
case 0: assert_se(v == v_1); break;
case 1: assert_se(v == NULL); break;
case 2: assert_se(v == u32p); break;
assert_se(!a[x] || a[x]->value == x);
if (a[x])
- n_freed ++;
+ n_freed++;
a[x] = mempool_free_tile(&test_mempool, a[x]);
}
for (size_t i = 2; i < NN; i += 3) {
assert_se(!a[i] || a[i]->value == i);
if (a[i])
- n_freed ++;
+ n_freed++;
a[i] = mempool_free_tile(&test_mempool, a[i]);
}
for (size_t i = 0; i < NN; i += 1) {
assert_se(!a[i] || a[i]->value == i);
if (a[i])
- n_freed ++;
+ n_freed++;
a[i] = mempool_free_tile(&test_mempool, a[i]);
}
for (size_t i = 0; i < NN; i += 1) {
assert_se(!b[i] || b[i]->value == ~(uint64_t) i);
if (b[i])
- n_freed ++;
+ n_freed++;
b[i] = mempool_free_tile(&test_mempool, b[i]);
}
assert_se(sscanf(line, "%i %*s %*s %*s %ms", &mnt_id, &path) == 2);
#if HAS_FEATURE_MEMORY_SANITIZER
/* We don't know the length of the string, so we need to unpoison it one char at a time */
- for (const char *c = path; ;c++) {
+ for (const char *c = path; ; c++) {
msan_unpoison(c, 1);
if (!*c)
break;
};
uint8_t res[SHA256_DIGEST_SIZE];
- for(size_t i = 0; i < sizeof(test_vectors)/sizeof(test_vectors[0]); i++) {
+ for (size_t i = 0; i < sizeof(test_vectors)/sizeof(test_vectors[0]); i++) {
int rc = tpm2_util_pbkdf2_hmac_sha256(
test_vectors[i].pass,
return "Not Specified";
bp += dm->length;
- for (;s > 1 && !isempty(bp); s--)
+ for (; s > 1 && !isempty(bp); s--)
bp += strlen(bp) + 1;
if (isempty(bp))