Squash: remove DEBUG that were TODO for removal

Signed-off-by: Thierry Laurion <insurgo@riseup.net>

initrd/bin/oem-factory-reset

@@ -211,8 +211,6 @@ generate_inmemory_p256_master_and_subkeys() {
         whiptail_error_die "Failed to add ECC nistp256 signing key to master key\n\n${ERROR_MSG}"
     fi
 
-    DEBUG "TODO REMOVE THIS: output of signing subkey generation /tmp/gpg_card_edit_output $(cat /tmp/gpg_card_edit_output)"
-
     echo "Generating GPG nistp256 encryption subkey..."
     {
         echo addkey
@@ -228,8 +226,6 @@ generate_inmemory_p256_master_and_subkeys() {
         whiptail_error_die "Failed to add ECC nistp256 encryption key to master key\n\n${ERROR_MSG}"
     fi
 
-    DEBUG "TODO REMOVE THIS: output of encryption subkey generation /tmp/gpg_card_edit_output $(cat /tmp/gpg_card_edit_output)"
-
     echo "Generating GPG nistp256 authentication subkey..."
     {
         echo addkey       # add key in --edit-key mode
@@ -247,8 +243,7 @@ generate_inmemory_p256_master_and_subkeys() {
         whiptail_error_die "Failed to add ECC nistp256 authentication key to master key\n\n${ERROR_MSG}"
     fi
 
-    DEBUG "TODO REMOVE THIS: output of authentication subkey generation /tmp/gpg_card_edit_output $(cat /tmp/gpg_card_edit_output)"
+    }
-}
 
 #Function to move current gpg keyring subkeys to card (keytocard)
 # This is aimed to be used after having generated master key and subkeys in memory and having backuped them to a LUKS container
@@ -266,8 +261,6 @@ keytocard_subkeys_to_smartcard() {
 
     gpg_key_factory_reset
 
-    DEBUG "TODO REMOVE THIS: ADMIN_PIN_DEF=${ADMIN_PIN_DEF} ADMIN_PIN=${ADMIN_PIN}"
-
     echo "Moving subkeys to smartcard..."
     {
         echo "key 1"            #Toggle on Signature key in --edit-key mode on local keyring
@@ -296,9 +289,6 @@ keytocard_subkeys_to_smartcard() {
         ERROR=$(cat /tmp/gpg_card_edit_output)
         whiptail_error_die "GPG Key moving subkeys to smartcard failed!\n\n$ERROR"
     fi
-    #TODO: Clarify in code that since reset gpg is done, passwd is default and then cange_pass is done
-
-    DEBUG "TODO REMOVE THIS. Ouput of /tmp/gpg_card_edit_output: $(cat /tmp/gpg_card_edit_output)"
 
     TRACE "oem-factory-reset:keytocard_subkeys_to_smartcard done"
 }
@@ -1101,16 +1091,13 @@ if [ "$GPG_GEN_KEY_IN_MEMORY" == "1" ]; then
     if [ "$GPG_ALGO" == "RSA" ]; then
         # Generate GPG master key
         generate_inmemory_RSA_master_and_subkeys
-        #TODO seperate wiping and thumb drive functions with proper validation
         wipe_thumb_drive_and_copy_gpg_key_material
-        #TODO seperate setting config
+        #TODO seperate setting config. Recovery shell under qemu without reboot doesn't prompt for PIN
         set_user_config "CONFIG_HAVE_GPG_KEY_BACKUP" "y"
         keytocard_subkeys_to_smartcard
     elif [ "$GPG_ALGO" == "p256" ]; then
         generate_inmemory_p256_master_and_subkeys
-        #TODO seperate wiping and thumb drive functions with proper validation
         wipe_thumb_drive_and_copy_gpg_key_material
-        #TODO seperate setting config
         keytocard_subkeys_to_smartcard
     else
         die "Unsupported GPG_ALGO: $GPG_ALGO"
@@ -1172,13 +1159,11 @@ fi
 # Do not attempt to flash the key to ROM if we are running in QEMU based on CONFIG_BOARD_NAME matching glob pattern containing qemu-*
 # We check for qemu-* instead of ^qemu- because CONFIG_BOARD_NAME could be renamed to UNTESTED-qemu-* in a probable future
 if [[ "$CONFIG_BOARD_NAME" == qemu-* ]]; then
-    warn "Skipping flash of GPG key to ROM because we are running in QEMU"
+    warn "Skipping flash of GPG key to ROM because we are running in QEMU without internal flashing support."
-    warn "Please review documentation md file under board directory on your building machine, and review board config options in .config file to enable configuration options you want to test in QEMU until internal flashing support is integrated."
 else
     #We are not running in QEMU, so flash the key to ROM
 
     ## flash generated key to ROM
-    # TODO: would be nice if we warned users that qemu boards will fail here and tell them what to do
     echo -e "\nReading current firmware...\n(this will take a minute or two)\n"
     /bin/flash.sh -r /tmp/oem-setup.rom >/dev/null 2>/tmp/error
     if [ ! -s /tmp/oem-setup.rom ]; then

initrd/bin/tpmr

@@ -393,7 +393,6 @@ tpm2_seal() {
 	tpm_password="$7"	# Owner password - will prompt if needed and not empty
 	# TPM Owner Password is always needed for TPM2.
 
-	DEBUG "TODO REMOVE THIS. tpm2_seal: pass=$pass tpm_password=$tpm_password"
 	mkdir -p "$SECRET_DIR"
 	bname="`basename $file`"
 
@@ -555,8 +554,6 @@ tpm2_unseal() {
 		UNSEAL_PASS_SUFFIX="+$(tpm2_password_hex "$pass")"
 	fi
 
-	DEBUG "TODO REMOVE THIS. tpm2_unseal: pass=$pass UNSEAL_PASS_SUFFIX=$UNSEAL_PASS_SUFFIX"
-
 	tpm2 unseal -Q -c "$handle" -p "session:$POLICY_SESSION$UNSEAL_PASS_SUFFIX" \
 		-S "/tmp/$ENC_SESSION_FILE" > "$file"
 }

initrd/etc/functions

@@ -197,12 +197,10 @@ prompt_tpm_owner_password() {
 	#Caller might already have cached the password in tpm_password. If not, prompt for it and cache it externally
 	if [ -n "$tpm_owner_password" ]; then
 		DEBUG "tpm_owner_password variable already set by caller. Reusing"
-		DEBUG "TODO REMOVE THIS! tpm_owner_password is $tpm_owner_password here."
 		return 0
 	elif [ -s /tmp/secret/tpm_owner_password ]; then
 		DEBUG "/tmp/secret/tpm_owner_password already cached in file. Reusing"
 		tpm_owner_password=$(cat /tmp/secret/tpm_owner_password)
-		DEBUG "TODO REMOVE THIS! tpm_owner_password is $tpm_owner_password here."
 		return 0
 	fi