fsverity: remove debug messages and CONFIG_FS_VERITY_DEBUG

	  If unsure, say N.

config FS_VERITY_DEBUG

	bool "FS Verity debugging"

	depends on FS_VERITY

	help

	  Enable debugging messages related to fs-verity by default.

	  Say N unless you are an fs-verity developer.

config FS_VERITY_BUILTIN_SIGNATURES

	bool "FS Verity builtin signature support"

	depends on FS_VERITY

	for (i = 0; i < num_blocks_to_hash; i++) {

		struct page *src_page;

		if ((pgoff_t)i % 10000 == 0 || i + 1 == num_blocks_to_hash)

			pr_debug("Hashing block %llu of %llu for level %u\n",

				 i + 1, num_blocks_to_hash, level);

		if (level == 0) {

			/* Leaf: hashing a data block */

			src_page = read_file_data_page(filp, i, &ra,

	 * ->begin_enable_verity() and ->end_enable_verity() using the inode

	 * lock and only allow one process to be here at a time on a given file.

	 */

	pr_debug("Building Merkle tree...\n");

	BUILD_BUG_ON(sizeof(desc->root_hash) < FS_VERITY_MAX_DIGEST_SIZE);

	err = build_merkle_tree(filp, &params, desc->root_hash);

	if (err) {

		fsverity_err(inode, "Error %d building Merkle tree", err);

		goto rollback;

	}

	pr_debug("Done building Merkle tree.  Root hash is %s:%*phN\n",

		 params.hash_alg->name, params.digest_size, desc->root_hash);

	/*

	 * Create the fsverity_info.  Don't bother trying to save work by

		goto rollback;

	}

	if (arg->sig_size)

		pr_debug("Storing a %u-byte PKCS#7 signature alongside the file\n",

			 arg->sig_size);

	/*

	 * Tell the filesystem to finish enabling verity on the file.

	 * Serialized with ->begin_enable_verity() by the inode lock.

#ifndef _FSVERITY_PRIVATE_H

#define _FSVERITY_PRIVATE_H

#ifdef CONFIG_FS_VERITY_DEBUG

#define DEBUG

#endif

#define pr_fmt(fmt) "fs-verity: " fmt

#include <linux/fsverity.h>

	if (err)

		goto err_exit_workqueue;

	pr_debug("Initialized fs-verity\n");

	return 0;

err_exit_workqueue:

	params->log_arity = params->log_blocksize - ilog2(params->digest_size);

	params->hashes_per_block = 1 << params->log_arity;

	pr_debug("Merkle tree uses %s with %u-byte blocks (%u hashes/block), salt=%*phN\n",

		 hash_alg->name, params->block_size, params->hashes_per_block,

		 (int)salt_size, salt);

	/*

	 * Compute the number of levels in the Merkle tree and create a map from

	 * level to the starting block of that level.  Level 'num_levels - 1' is

	/* Compute number of levels and the number of blocks in each level */

	blocks = ((u64)inode->i_size + params->block_size - 1) >> log_blocksize;

	pr_debug("Data is %lld bytes (%llu blocks)\n", inode->i_size, blocks);

	while (blocks > 1) {

		if (params->num_levels >= FS_VERITY_MAX_LEVELS) {

			fsverity_err(inode, "Too many levels in Merkle tree");

	for (level = (int)params->num_levels - 1; level >= 0; level--) {

		blocks = params->level_start[level];

		params->level_start[level] = offset;

		pr_debug("Level %d is %llu blocks starting at index %llu\n",

			 level, blocks, offset);

		offset += blocks;

	}

		fsverity_err(inode, "Error %d computing file digest", err);

		goto out;

	}

	pr_debug("Computed file digest: %s:%*phN\n",

		 vi->tree_params.hash_alg->name,

		 vi->tree_params.digest_size, vi->file_digest);

	err = fsverity_verify_signature(vi, desc->signature,

					le32_to_cpu(desc->sig_size));

int __fsverity_file_open(struct inode *inode, struct file *filp)

{

	if (filp->f_mode & FMODE_WRITE) {

		pr_debug("Denying opening verity file (ino %lu) for write\n",

			 inode->i_ino);

	if (filp->f_mode & FMODE_WRITE)

		return -EPERM;

	}

	return ensure_verity_info(inode);

}

EXPORT_SYMBOL_GPL(__fsverity_file_open);

int __fsverity_prepare_setattr(struct dentry *dentry, struct iattr *attr)

{

	if (attr->ia_valid & ATTR_SIZE) {

		pr_debug("Denying truncate of verity file (ino %lu)\n",

			 d_inode(dentry)->i_ino);

	if (attr->ia_valid & ATTR_SIZE)

		return -EPERM;

	}

	return 0;

}

EXPORT_SYMBOL_GPL(__fsverity_prepare_setattr);