If /dev/hwrng is available, do not open the TPM. Newer kernels export
TPM randomness via /dev/hwrng; this properly handles multiplexing of
the TPM so that we don't interfere with TrouSerS. Thus, we don't want
to open /dev/tpm0 if we can open /dev/hwrng.
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
rc_rng = init_entropy_source(&rng_default);
if (arguments->enable_drng)
rc_drng = init_drng_entropy_source(&rng_drng);
- if (arguments->enable_tpm)
+ if (arguments->enable_tpm && rc_rng)
rc_tpm = init_tpm_entropy_source(&rng_tpm);
if (rc_rng && rc_drng && rc_tpm) {
if (!arguments->quiet) {
message(LOG_DAEMON|LOG_ERR,
- "can't open entropy source(tpm or intel/amd rng)");
+ "can't open any entropy source");
message(LOG_DAEMON|LOG_ERR,
"Maybe RNG device modules are not loaded\n");
}
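Review bot: on the changed `if (arguments->enable_tpm && rc_rng)` line, the TPM is skipped whenever `init_entropy_source(&rng_default)` succeeds, so the test is "the default source opened", not "/dev/hwrng is available" as the commit message puts it. If `rng_default` can be pointed at a device other than /dev/hwrng, a user who passed the TPM option loses the TPM source with no message. A one-line comment stating that a non-zero `rc_rng` means the open failed, plus a log line when the TPM is skipped, would make this visible. On the skip path `rc_tpm` keeps whatever value it was initialised with, which these lines do not show; it needs to be non-zero there so that the `if (rc_rng && rc_drng && rc_tpm)` test and any later code that reads from `rng_tpm` treat the TPM as unopened. The reworded "can't open any entropy source" message reads fine.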