rngd: don't open the TPM if hwrng is available

If /dev/hwrng is avaiable, do not open the TPM.  Newer kernels export
TPM randomness via /dev/hwrng; this properly handles multiplexing of
the TPM so that we don't interfere with TrouSerS.  Thus, we don't want
to open /dev/tpm0 if we can open /dev/hwrng.

Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

diff --git a/rngd.c b/rngd.c
index f1b7e1a9165faf0cd75a9b1554c3704a9c6f4bbe..8ab219c296de4504ed41759f2baf9dbf1bd564dd 100644 (file)
--- a/rngd.c
+++ b/rngd.c
@@ -301,13 +301,13 @@ int main(int argc, char **argv)
        rc_rng = init_entropy_source(&rng_default);
        if (arguments->enable_drng)
                rc_drng = init_drng_entropy_source(&rng_drng);
-       if (arguments->enable_tpm)
+       if (arguments->enable_tpm && rc_rng)
                rc_tpm = init_tpm_entropy_source(&rng_tpm);
 
        if (rc_rng && rc_drng && rc_tpm) {
                if (!arguments->quiet) {
                        message(LOG_DAEMON|LOG_ERR,
-                               "can't open entropy source(tpm or intel/amd rng)");
+                               "can't open any entropy source");
                        message(LOG_DAEMON|LOG_ERR,
                                "Maybe RNG device modules are not loaded\n");
                }