From: H. Peter Anvin <hpa@linux.intel.com>
Date: Wed, 1 Aug 2012 21:31:38 +0000 (-0700)
Subject: rngd: don't open the TPM if hwrng is available
X-Git-Tag: v4~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9b1a3bbbdf7da77cf84e2eaafb55260d357ae3de;p=thirdparty%2Frng-tools.git

rngd: don't open the TPM if hwrng is available

If /dev/hwrng is avaiable, do not open the TPM.  Newer kernels export
TPM randomness via /dev/hwrng; this properly handles multiplexing of
the TPM so that we don't interfere with TrouSerS.  Thus, we don't want
to open /dev/tpm0 if we can open /dev/hwrng.

Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
---

diff --git a/rngd.c b/rngd.c
index f1b7e1a..8ab219c 100644
--- a/rngd.c
+++ b/rngd.c
@@ -301,13 +301,13 @@ int main(int argc, char **argv)
 	rc_rng = init_entropy_source(&rng_default);
 	if (arguments->enable_drng)
 		rc_drng = init_drng_entropy_source(&rng_drng);
-	if (arguments->enable_tpm)
+	if (arguments->enable_tpm && rc_rng)
 		rc_tpm = init_tpm_entropy_source(&rng_tpm);
 
 	if (rc_rng && rc_drng && rc_tpm) {
 		if (!arguments->quiet) {
 			message(LOG_DAEMON|LOG_ERR,
-				"can't open entropy source(tpm or intel/amd rng)");
+				"can't open any entropy source");
 			message(LOG_DAEMON|LOG_ERR,
 				"Maybe RNG device modules are not loaded\n");
 		}