From 1c3f1dff30ad1ac168aaff3e9e34fd7aa355535e Mon Sep 17 00:00:00 2001 From: Krzysztof Pawlik Date: Mon, 8 Nov 2010 12:18:53 +0000 Subject: Version bump, remove old versions. rng-tools-3 contains support for TPM devices. (Portage version: 2.1.9.24/cvs/Linux x86_64) --- sys-apps/rng-tools/ChangeLog | 12 +- sys-apps/rng-tools/files/2-r2/rngd | 61 ----- sys-apps/rng-tools/files/2-r2/rngd-conf | 27 -- sys-apps/rng-tools/files/rngd-confd-3 | 27 ++ sys-apps/rng-tools/files/rngd-initd-3 | 61 +++++ sys-apps/rng-tools/files/rngd_tpm_support.patch | 288 --------------------- sys-apps/rng-tools/files/rngd_tpm_support2.patch | 309 ----------------------- sys-apps/rng-tools/rng-tools-2-r2.ebuild | 31 --- sys-apps/rng-tools/rng-tools-2-r3.ebuild | 31 --- sys-apps/rng-tools/rng-tools-3.ebuild | 29 +++ 10 files changed, 128 insertions(+), 748 deletions(-) delete mode 100644 sys-apps/rng-tools/files/2-r2/rngd delete mode 100644 sys-apps/rng-tools/files/2-r2/rngd-conf create mode 100644 sys-apps/rng-tools/files/rngd-confd-3 create mode 100644 sys-apps/rng-tools/files/rngd-initd-3 delete mode 100644 sys-apps/rng-tools/files/rngd_tpm_support.patch delete mode 100644 sys-apps/rng-tools/files/rngd_tpm_support2.patch delete mode 100644 sys-apps/rng-tools/rng-tools-2-r2.ebuild delete mode 100644 sys-apps/rng-tools/rng-tools-2-r3.ebuild create mode 100644 sys-apps/rng-tools/rng-tools-3.ebuild (limited to 'sys-apps/rng-tools') diff --git a/sys-apps/rng-tools/ChangeLog b/sys-apps/rng-tools/ChangeLog index 99b1c0eac18a..be86146bd29e 100644 --- a/sys-apps/rng-tools/ChangeLog +++ b/sys-apps/rng-tools/ChangeLog 
@@ -1,6 +1,16 @@ # ChangeLog for sys-apps/rng-tools # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/rng-tools/ChangeLog,v 1.29 2010/09/15 08:36:14 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/rng-tools/ChangeLog,v 1.30 2010/11/08 12:18:52 nelchael Exp $ + +*rng-tools-3 (08 Nov 2010) + + 08 Nov 2010; Krzysztof Pawlik + -rng-tools-2-r2.ebuild, -rng-tools-2-r3.ebuild, +files/rngd-confd-3, + -files/2-r2/rngd, +files/rngd-initd-3, +rng-tools-3.ebuild, + -files/2-r2/rngd-conf, -files/rngd_tpm_support.patch, + -files/rngd_tpm_support2.patch: + Version bump, remove old versions. rng-tools-3 contains support for TPM + devices. 15 Sep 2010; Robin H. Johnson files/2-r2/rngd, files/2-r2/rngd-conf: diff --git a/sys-apps/rng-tools/files/2-r2/rngd b/sys-apps/rng-tools/files/2-r2/rngd deleted file mode 100644 index 76ac703069bc..000000000000 --- a/sys-apps/rng-tools/files/2-r2/rngd +++ /dev/null 
@@ -1,61 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2010 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/rng-tools/files/2-r2/rngd,v 1.2 2010/09/15 08:36:14 robbat2 Exp $ - -depend() { - need localmount - after random -} - -BINARY=/usr/sbin/rngd -# Do NOT add /dev/tpm to this. -DEFAULT_DEVICE="/dev/hw_random* /dev/hwrandom* /dev/i810_rng /dev/hwrng*" -DEFAULT_TPM_DEVICE="/dev/tpm*" -[ $DO_NOT_REMIX_URANDOM -eq 0 ] && DEFAULT_DEVICE="${DEFAULT_DEVICE} /dev/urandom" - -find_device() { - # The echo is to cause globbing - for d in $*; do - [ -e "$d" ] && break - done - echo "$d" -} - -find_rng_device() { - local d="$(find_device $(echo ${DEVICE-${DEFAULT_DEVICE}}))" - [ -z "${d}" ] && d=/dev/null - echo "$d" -} - -find_tpm_device() { - local d="$(find_device $(echo ${TPM_DEVICE-${DEFAULT_TPM_DEVICE}}))" - [ -z "${d}" ] && d=/dev/null - echo "$d" -} - -start() { - local d t - d="$(find_rng_device)" - [ "${NO_TPM}" == "1" ] || t="$(find_tpm_device)" - [ -z "${d}" ] && d=/dev/null - [ -z "${t}" ] && t=/dev/null - # TODO: find a better way to handle multiple feedback devices. - # Notice that we only warn if TPM is not available. - [ "$d" == "/dev/urandom" -a "$t" == "/dev/null" ] && ewarn "No hardware RNG found, using $d as feedback input" - # Now sanity check and start. - if [ "$d" != "/dev/null" -o "$t" != "/dev/null" ]; then - ebegin "Starting hardware RNG daemon" - start-stop-daemon --start --quiet --exec ${BINARY} -- -b -s ${STEP-64} -t ${TIMEOUT-60} --no-tpm=${NO_TPM-0} -W ${WATERMARK-2048} -r $d - eend $? "Failed to start hardware RNG daemon" - else - eerror "No hardware RNG or feedback source available." - return 1 - fi -} - -stop() { - ebegin "Stopping hardware RNG daemon" - start-stop-daemon --stop --quiet --exec ${BINARY} - eend $? "Failed to stop hardware RNG daemon" -} 
diff --git a/sys-apps/rng-tools/files/2-r2/rngd-conf b/sys-apps/rng-tools/files/2-r2/rngd-conf
deleted file mode 100644
index 0702ece0ae14..000000000000
--- a/sys-apps/rng-tools/files/2-r2/rngd-conf
+++ /dev/null
@@ -1,27 +0,0 @@
-# /etc/conf.d/rngd
-
-# Please see "/usr/sbin/rngd --help" and "man rngd" for more information
-
-# If a single device is preferred, then specify it here, otherwise we will
-# search for suitable devices. TPM is specified via a later option, not this
-# one.
-#DEVICE=
-#TPM_DEVICE=
-
-# Random step (Number of bytes written to random-device at a time):
-STEP=64
-
-# Timeout (Interval written to random-device when the entropy pool is full):
-TIMEOUT=60
-
-# Should TPM be avoided?
-NO_TPM=0
-
-# Fill watermark
-# 0 <= n <= 4096
-WATERMARK=2048
-
-# Bug #292239: Remixing /dev/urandom back into /dev/random is considered a
-# security vulnerability in some cases where not enough entropy is present on
-# systems.
-DO_NOT_REMIX_URANDOM=0
diff --git a/sys-apps/rng-tools/files/rngd-confd-3 b/sys-apps/rng-tools/files/rngd-confd-3
new file mode 100644
index 000000000000..0702ece0ae14
--- /dev/null
+++ b/sys-apps/rng-tools/files/rngd-confd-3
@@ -0,0 +1,27 @@
+# /etc/conf.d/rngd
+
+# Please see "/usr/sbin/rngd --help" and "man rngd" for more information
+
+# If a single device is preferred, then specify it here, otherwise we will
+# search for suitable devices. TPM is specified via a later option, not this
+# one.
+#DEVICE=
+#TPM_DEVICE=
+
+# Random step (Number of bytes written to random-device at a time):
+STEP=64
+
+# Timeout (Interval written to random-device when the entropy pool is full):
+TIMEOUT=60
+
+# Should TPM be avoided?
+NO_TPM=0
+
+# Fill watermark
+# 0 <= n <= 4096
+WATERMARK=2048
+
+# Bug #292239: Remixing /dev/urandom back into /dev/random is considered a
+# security vulnerability in some cases where not enough entropy is present on
+# systems.
+DO_NOT_REMIX_URANDOM=0
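Review bot: The shipped default `DO_NOT_REMIX_URANDOM=0` at the bottom of rngd-confd-3 enables exactly the behaviour the comment above it calls a security vulnerability: with 0 the companion init script appends /dev/urandom to the device search list, so on any host without a hardware RNG the daemon is pointed at kernel-PRNG output as its entropy source (the deleted patch shows rngd crediting that input via random_add_entropy, and nothing in this diff suggests rng-tools-3 differs). If the bug #292239 position is that this is unsafe, ship `DO_NOT_REMIX_URANDOM=1` and let the administrator opt in. At minimum the comment should say which value does what, e.g. `# 1 = never use /dev/urandom as a feedback source; 0 = allow it as a last resort when no hardware RNG or TPM is present`. The same applies to `#TPM_DEVICE=`: the init script only uses it as a presence check, which the comment does not mention.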
diff --git a/sys-apps/rng-tools/files/rngd-initd-3 b/sys-apps/rng-tools/files/rngd-initd-3
new file mode 100644
index 000000000000..00aa5e484487
--- /dev/null
+++ b/sys-apps/rng-tools/files/rngd-initd-3
@@ -0,0 +1,61 @@
+#!/sbin/runscript
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/rng-tools/files/rngd-initd-3,v 1.1 2010/11/08 12:18:53 nelchael Exp $
+
+depend() {
+ need localmount
+ after random
+}
+
+BINARY=/usr/sbin/rngd
+# Do NOT add /dev/tpm to this.
+DEFAULT_DEVICE="/dev/hw_random* /dev/hwrandom* /dev/i810_rng /dev/hwrng*"
+DEFAULT_TPM_DEVICE="/dev/tpm*"
+[ $DO_NOT_REMIX_URANDOM -eq 0 ] && DEFAULT_DEVICE="${DEFAULT_DEVICE} /dev/urandom"
+
+find_device() {
+ # The echo is to cause globbing
+ for d in $*; do
+ [ -e "$d" ] && break
+ done
+ echo "$d"
+}
+
+find_rng_device() {
+ local d="$(find_device $(echo ${DEVICE-${DEFAULT_DEVICE}}))"
+ [ -z "${d}" ] && d=/dev/null
+ echo "$d"
+}
+
+find_tpm_device() {
+ local d="$(find_device $(echo ${TPM_DEVICE-${DEFAULT_TPM_DEVICE}}))"
+ [ -z "${d}" ] && d=/dev/null
+ echo "$d"
+}
+
+start() {
+ local d t
+ d="$(find_rng_device)"
+ [ "${NO_TPM}" == "1" ] || t="$(find_tpm_device)"
+ [ -z "${d}" ] && d=/dev/null
+ [ -z "${t}" ] && t=/dev/null
+ # TODO: find a better way to handle multiple feedback devices.
+ # Notice that we only warn if TPM is not available.
+ [ "$d" == "/dev/urandom" -a "$t" == "/dev/null" ] && ewarn "No hardware RNG found, using $d as feedback input"
+ # Now sanity check and start.
+ if [ "$d" != "/dev/null" -o "$t" != "/dev/null" ]; then
+ ebegin "Starting hardware RNG daemon"
+ start-stop-daemon --start --quiet --exec ${BINARY} -- -b -s ${STEP-64} -t ${TIMEOUT-60} --no-tpm=${NO_TPM-0} -W ${WATERMARK-2048} -r $d
+ eend $? "Failed to start hardware RNG daemon"
+ else
+ eerror "No hardware RNG or feedback source available."
+ return 1
+ fi
+}
+
+stop() {
+ ebegin "Stopping hardware RNG daemon"
+ start-stop-daemon --stop --quiet --exec ${BINARY}
+ eend $? "Failed to stop hardware RNG daemon"
+}
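Review bot: find_device() in this hunk returns the last candidate pattern rather than nothing when no candidate exists, because `d` keeps its final loop value after the `for` falls through and an unmatched glob stays a literal string (runscript's shell does not set nullglob), so find_tpm_device yields `/dev/tpm*` instead of `/dev/null` on a TPM-less machine and find_rng_device yields `/dev/hwrng*` when remixing is off and no hardware RNG exists. The consequences are all in start(): the `[ -z "${d}" ]`/`[ -z "${t}" ]` fallbacks never fire, the "No hardware RNG found" warning is suppressed whenever `$t` is a literal pattern, and the sanity check `[ "$d" != "/dev/null" -o "$t" != "/dev/null" ]` passes on a host with no entropy source at all, launching rngd with `-r /dev/hwrng*`. Separately, `$t` is never handed to the daemon — only `-r $d` is — so TPM_DEVICE is a presence check only and rngd-3 presumably locates the TPM itself; that deserves a comment next to DEFAULT_TPM_DEVICE. The rewrite below makes find_device print an empty string when nothing matched, which the callers' existing `[ -z ... ] && d=/dev/null` lines already handle.
```shell
find_device() {
	local d found=""
	# Unquoted $* is what makes the shell glob each pattern.
	for d in $*; do
		if [ -e "$d" ]; then
			found="$d"
			break
		fi
	done
	# Empty when nothing matched, so callers fall back to /dev/null.
	echo "$found"
}
```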
diff --git a/sys-apps/rng-tools/files/rngd_tpm_support.patch b/sys-apps/rng-tools/files/rngd_tpm_support.patch
deleted file mode 100644
index 0edc47109e0a..000000000000
--- a/sys-apps/rng-tools/files/rngd_tpm_support.patch
+++ /dev/null
@@ -1,288 +0,0 @@ -Patch taken from http://sourceforge.net/tracker/?func=detail&aid=2261574&group_id=3242&atid=353242 - -diff -uNr rng-tools-2-orig/rngd.c rng-tools-2/rngd.c ---- rng-tools-2-orig/rngd.c 2004-08-24 23:30:00.000000000 +0530 -+++ rng-tools-2/rngd.c 2008-11-11 15:39:31.000000000 +0530 -@@ -91,6 +91,8 @@ - - { "timeout", 't', "nnn", 0, - "Interval written to random-device when the entropy pool is full, in seconds (default: 60)" }, -+ { "no-tpm", 'n', "1|0", 0, -+ "do not use tpm as a source of random number input (default: 0)" }, - - { 0 }, - }; -@@ -102,6 +104,7 @@ - .random_step = 64, - .fill_watermark = 2048, - .daemon = 1, -+ .no_tpm =0, - }; - struct arguments *arguments = &default_arguments; - -@@ -147,6 +150,15 @@ - arguments->fill_watermark = n; - break; - } -+ case 'n': { -+ int n; -+ if ((sscanf(arg,"%i", &n) == 0) || ((n | 1)!=1)) -+ argp_usage(state); -+ else -+ arguments->no_tpm=0; -+ break; -+ -+ } - - default: - return ARGP_ERR_UNKNOWN; -@@ -162,26 +174,41 @@ - double poll_timeout) - { - unsigned char buf[FIPS_RNG_BUFFER_SIZE]; -- unsigned char *p; -- int fips; -+ int fips,retval; - - for (;;) { -- xread(buf, sizeof buf); -+ if (arguments->no_tpm == 0) { -+ retval=xread_tpm(buf, sizeof buf); -+ if (retval < 0) -+ sleep(1); -+ else -+ update_kernel_random(random_step, -+ poll_timeout, buf, &tpm_fipsctx); -+ } -+ retval=xread(buf, sizeof buf); -+ if (retval > 0) -+ update_kernel_random(random_step, -+ poll_timeout, buf, &fipsctx); -+ } -+} - -- fips = fips_run_rng_test(&fipsctx, buf); -+int update_kernel_random(int random_step, double poll_timeout, -+ unsigned char *buf, fips_ctx_t *fipsctx) { - -- if (fips) { -- message(LOG_DAEMON|LOG_ERR, "failed fips test\n"); -- sleep(1); -- continue; -- } -+ int fips; -+ unsigned char *p; -+ fips = fips_run_rng_test(fipsctx, buf); -+ if (fips) { -+ message(LOG_DAEMON|LOG_ERR, "failed fips test\n"); -+ return 1; -+ } - -- for (p = buf; p + random_step <= &buf[sizeof buf]; -- p += random_step) { -- 
random_add_entropy(p, random_step); -- random_sleep(poll_timeout); -- } -+ for (p = buf; p + random_step <= &buf[FIPS_RNG_BUFFER_SIZE]; -+ p += random_step) { -+ random_add_entropy(p, random_step); -+ random_sleep(poll_timeout); - } -+ return 0; - } - - -diff -uNr rng-tools-2-orig/rngd_entsource.c rng-tools-2/rngd_entsource.c ---- rng-tools-2-orig/rngd_entsource.c 2004-04-15 10:36:17.000000000 +0530 -+++ rng-tools-2/rngd_entsource.c 2008-11-11 15:39:31.000000000 +0530 -@@ -35,6 +35,7 @@ - #include - #include - #include -+#include - - #include "rngd.h" - #include "fips.h" -@@ -42,17 +43,27 @@ - #include "rngd_entsource.h" - - --/* Logic and contexts */ --static int rng_fd; /* rng data source */ --fips_ctx_t fipsctx; /* Context for the FIPS tests */ -+/* The overhead incured when tpm returns the random nos as per TCG spec -+ * it is 14 bytes.*/ -+#define TPM_GET_RNG_OVERHEAD 14 - -+static const char *rng_device="/dev/tpm0"; -+/* Logic and contexts */ -+static int rng_fd; /* rng data source */ -+fips_ctx_t fipsctx; /* Context for the FIPS tests */ -+fips_ctx_t tpm_fipsctx; /* Context for the tpm FIPS tests */ - - /* Read data from the entropy source */ --void xread(void *buf, size_t size) -+int xread(void *buf, size_t size) - { - size_t off = 0; - ssize_t r; - -+ /* Do nothing if we have no hw rng, maybe we have tpm */ -+ if (rng_fd < 0) { -+ message(LOG_DAEMON|LOG_ERR, "Invalid file handle\n"); -+ return -1; -+ } - while (size > 0) { - do { - r = read(rng_fd, buf + off, size); -@@ -65,8 +76,85 @@ - - if (size) { - message(LOG_DAEMON|LOG_ERR, "read error\n"); -- exit(1); -+ return -1; -+ } -+ return 0; -+} -+ -+alarm_handler(int i) { -+ ; -+} -+/* tpm rng read call to kernel has 13 bytes of overhead -+ * the logic to process this involves reading to a temporary_buf -+ * and copying the no generated to buf*/ -+int xread_tpm(void *buf, size_t size) -+{ -+ size_t bytes_read = 0; -+ ssize_t r; -+ int retval,rngtpm_fd; -+ unsigned char *temp_buf=NULL; -+ unsigned char 
rng_cmd[] = { -+ 0, 193, /* TPM_TAG_RQU_COMMAND */ -+ 0, 0, 0, 14, /* length */ -+ 0, 0, 0, 70, /* TPM_ORD_GetRandom */ -+ 0, 0, 0, 0, /* number of bytes to return */ -+ }; -+ char *offset; -+ -+ rngtpm_fd=open(rng_device, O_RDWR); -+ if (rngtpm_fd < 0) { -+ message(LOG_ERR|LOG_INFO, -+ "Unable to open %s: %s\n",rng_device,strerror(errno)); -+ return -1; -+ } -+ -+ temp_buf= (unsigned char *) malloc(size + TPM_GET_RNG_OVERHEAD); -+ memset(temp_buf,0,(size+TPM_GET_RNG_OVERHEAD)); -+ if (temp_buf == NULL) { -+ message(LOG_ERR|LOG_INFO,"No memory"); -+ return -1; -+ } -+ /* 32 bits has been reserved for random byte size */ -+ rng_cmd[13]=(unsigned char)(size & 0xFF); -+ rng_cmd[12]=(unsigned char)((size >> 8) & 0xFF); -+ rng_cmd[11]=(unsigned char)((size >> 16) & 0xFF); -+ rng_cmd[10]=(unsigned char)((size >> 24) & 0xFF); -+ offset=buf; -+ while (bytes_read < size) { -+ r=0; -+ while (r < sizeof(rng_cmd)) { -+ retval=write(rngtpm_fd,rng_cmd + r,sizeof(rng_cmd)-r); -+ if (retval < 0) { -+ message(LOG_ERR|LOG_INFO, -+ "Error writing %s\n",rng_device); -+ retval=-1; -+ goto error_out; -+ } -+ r+=retval; -+ } -+ if (r < sizeof(rng_cmd)) { -+ message(LOG_ERR|LOG_INFO, -+ "Error writing %s\n",rng_device); -+ retval=-1; -+ goto error_out; -+ } -+ r=read(rngtpm_fd,temp_buf,size); -+ r=(r - TPM_GET_RNG_OVERHEAD); -+ bytes_read=bytes_read + r; -+ if (bytes_read > size) { -+ memcpy(offset,temp_buf + TPM_GET_RNG_OVERHEAD, -+ r - (bytes_read - size)); -+ break; -+ } -+ memcpy(offset, temp_buf + TPM_GET_RNG_OVERHEAD, -+ r); -+ offset=offset+r; - } -+ retval=0; -+error_out: -+ free(temp_buf); -+ close(rngtpm_fd); -+ return retval; - } - - /* Initialize entropy source */ -@@ -93,14 +181,31 @@ - */ - void init_entropy_source(const char* sourcedev) - { -+ /* We cannot keep the tpm device open always. 
-+ * We need to open get random data and close -+ * to allow tpm-tools and other utilities -+ * access to /dev/tpm */ -+ int tpm_fd; - rng_fd = open(sourcedev, O_RDONLY); - if (rng_fd == -1) { - message(LOG_DAEMON|LOG_ERR, "can't open %s: %s", - sourcedev, strerror(errno)); -- exit(EXIT_FAIL); -+ /* Try to open tpm this is just a test, no point in proceeding further -+ * if no source of entropy is present -+ */ -+ tpm_fd = open(rng_device, O_RDONLY); -+ if (tpm_fd < 0 ) { -+ message(LOG_DAEMON|LOG_ERR, -+ "can't open entropy source(tpm or intel/amd rng) %s", -+ strerror(errno)); -+ message(LOG_DAEMON|LOG_ERR,"Maybe RNG device modules are not loaded\n"); -+ exit(1); -+ } -+ close(tpm_fd); - } - - /* Bootstrap FIPS tests */ - fips_init(&fipsctx, discard_initial_data()); -+ fips_init(&tpm_fipsctx, 0); - } - -diff -uNr rng-tools-2-orig/rngd_entsource.h rng-tools-2/rngd_entsource.h ---- rng-tools-2-orig/rngd_entsource.h 2004-04-15 10:34:45.000000000 +0530 -+++ rng-tools-2/rngd_entsource.h 2008-11-11 15:39:31.000000000 +0530 -@@ -28,7 +28,7 @@ - - /* Logic and contexts */ - extern fips_ctx_t fipsctx; /* Context for the FIPS tests */ -- -+extern fips_ctx_t tpm_fipsctx; /* Context for the tpm FIPS tests */ - /* - * Initialize entropy source and entropy conditioning - * -@@ -37,6 +37,6 @@ - extern void init_entropy_source(const char* sourcedev); - - /* Read data from the entropy source */ --void xread(void *buf, size_t size); -+int xread(void *buf, size_t size); - - #endif /* RNGD_ENTSOURCE__H */ -diff -uNr rng-tools-2-orig/rngd.h rng-tools-2/rngd.h ---- rng-tools-2-orig/rngd.h 2004-08-24 23:23:04.000000000 +0530 -+++ rng-tools-2/rngd.h 2008-11-11 15:39:31.000000000 +0530 -@@ -42,6 +42,7 @@ - double poll_timeout; - - int daemon; -+ int no_tpm; - }; - extern struct arguments *arguments; - diff --git a/sys-apps/rng-tools/files/rngd_tpm_support2.patch b/sys-apps/rng-tools/files/rngd_tpm_support2.patch deleted file mode 100644 index 194a2186c53e..000000000000 
--- a/sys-apps/rng-tools/files/rngd_tpm_support2.patch
+++ /dev/null
@@ -1,309 +0,0 @@ -New TPM-RNG patch from http://sourceforge.net/tracker/?func=detail&aid=2882127&group_id=3242&atid=303242 - -diff -urNp --exclude-from=/home/mdomsch/excludes --minimal rng-tools-2.orig/rngd.c rng-tools-2/rngd.c ---- rng-tools-2.orig/rngd.c 2009-10-19 22:35:03.023278725 -0500 -+++ rng-tools-2/rngd.c 2009-10-19 22:49:42.100279205 -0500 -@@ -91,6 +91,8 @@ static struct argp_option options[] = { - - { "timeout", 't', "nnn", 0, - "Interval written to random-device when the entropy pool is full, in seconds (default: 60)" }, -+ { "no-tpm", 'n', "1|0", 0, -+ "do not use tpm as a source of random number input (default: 0)" }, - - { 0 }, - }; -@@ -102,6 +104,7 @@ static struct arguments default_argument - .random_step = 64, - .fill_watermark = 2048, - .daemon = 1, -+ .no_tpm = 0, - }; - struct arguments *arguments = &default_arguments; - -@@ -147,6 +150,14 @@ static error_t parse_opt (int key, char - arguments->fill_watermark = n; - break; - } -+ case 'n': { -+ int n; -+ if ((sscanf(arg,"%i", &n) == 0) || ((n | 1)!=1)) -+ argp_usage(state); -+ else -+ arguments->no_tpm=0; -+ break; -+ } - - default: - return ARGP_ERR_UNKNOWN; -@@ -158,39 +169,60 @@ static error_t parse_opt (int key, char - static struct argp argp = { options, parse_opt, NULL, doc }; - - -+static int update_kernel_random(int random_step, double poll_timeout, -+ unsigned char *buf, fips_ctx_t *fipsctx) { -+ -+ int fips; -+ unsigned char *p; -+ fips = fips_run_rng_test(fipsctx, buf); -+ if (fips) { -+ message(LOG_DAEMON|LOG_ERR, "failed fips test\n"); -+ return 1; -+ } -+ -+ for (p = buf; p + random_step <= &buf[FIPS_RNG_BUFFER_SIZE]; -+ p += random_step) { -+ random_add_entropy(p, random_step); -+ random_sleep(poll_timeout); -+ } -+ return 0; -+} -+ - static void do_loop(int random_step, - double poll_timeout) - { - unsigned char buf[FIPS_RNG_BUFFER_SIZE]; -- unsigned char *p; -- int fips; -+ int retval; - - for (;;) { -- xread(buf, sizeof buf); -- -- fips = fips_run_rng_test(&fipsctx, buf); 
-- -- if (fips) { -- message(LOG_DAEMON|LOG_ERR, "failed fips test\n"); -- sleep(1); -- continue; -- } -- -- for (p = buf; p + random_step <= &buf[sizeof buf]; -- p += random_step) { -- random_add_entropy(p, random_step); -- random_sleep(poll_timeout); -+ if (arguments->no_tpm == 0) { -+ retval=xread_tpm(buf, sizeof buf); -+ if (retval >= 0) -+ update_kernel_random(random_step, -+ poll_timeout, buf, &tpm_fipsctx); - } -+ retval=xread(buf, sizeof buf); -+ if (retval > 0) -+ update_kernel_random(random_step, -+ poll_timeout, buf, &fipsctx); - } - } - - - int main(int argc, char **argv) - { -+ int rc_rng, rc_tpm; - argp_parse(&argp, argc, argv, 0, 0, arguments); - - /* Init entropy source, and open TRNG device */ -- init_entropy_source(arguments->rng_name); -+ rc_rng = init_entropy_source(arguments->rng_name); -+ rc_tpm = init_tpm_entropy_source(); -+ if (rc_rng && rc_tpm) { -+ message(LOG_DAEMON|LOG_ERR, -+ "can't open entropy source(tpm or intel/amd rng)"); -+ message(LOG_DAEMON|LOG_ERR,"Maybe RNG device modules are not loaded\n"); -+ return 1; -+ } - - /* Init entropy sink and open random device */ - init_kernel_rng(arguments->random_name); -diff -urNp --exclude-from=/home/mdomsch/excludes --minimal rng-tools-2.orig/rngd_entsource.c rng-tools-2/rngd_entsource.c ---- rng-tools-2.orig/rngd_entsource.c 2004-04-15 00:06:17.000000000 -0500 -+++ rng-tools-2/rngd_entsource.c 2009-10-19 22:43:46.489263797 -0500 -@@ -42,17 +42,27 @@ - #include "rngd_entsource.h" - - --/* Logic and contexts */ --static int rng_fd; /* rng data source */ --fips_ctx_t fipsctx; /* Context for the FIPS tests */ -+/* The overhead incured when tpm returns the random nos as per TCG spec -+ * it is 14 bytes.*/ -+#define TPM_GET_RNG_OVERHEAD 14 - -+/* Logic and contexts */ -+static int rng_fd; /* rng data source */ -+static const char *tpm_device="/dev/tpm0"; -+static int has_tpm; -+fips_ctx_t fipsctx; /* Context for the FIPS tests */ -+fips_ctx_t tpm_fipsctx; /* Context for the tpm FIPS tests */ - - 
/* Read data from the entropy source */ --void xread(void *buf, size_t size) -+int xread(void *buf, size_t size) - { - size_t off = 0; - ssize_t r; - -+ /* Do nothing if we have no hw rng, maybe we have tpm */ -+ if (rng_fd < 0) -+ return -1; -+ - while (size > 0) { - do { - r = read(rng_fd, buf + off, size); -@@ -65,8 +75,84 @@ void xread(void *buf, size_t size) - - if (size) { - message(LOG_DAEMON|LOG_ERR, "read error\n"); -- exit(1); -+ return -1; -+ } -+ return 0; -+} -+ -+/* tpm rng read call to kernel has 13 bytes of overhead -+ * the logic to process this involves reading to a temporary_buf -+ * and copying the no generated to buf*/ -+int xread_tpm(void *buf, size_t size) -+{ -+ size_t bytes_read = 0; -+ ssize_t r; -+ int retval,tpm_fd; -+ unsigned char *temp_buf=NULL; -+ unsigned char rng_cmd[] = { -+ 0, 193, /* TPM_TAG_RQU_COMMAND */ -+ 0, 0, 0, 14, /* length */ -+ 0, 0, 0, 70, /* TPM_ORD_GetRandom */ -+ 0, 0, 0, 0, /* number of bytes to return */ -+ }; -+ char *offset; -+ -+ if (!has_tpm) -+ return -1; -+ tpm_fd=open(tpm_device, O_RDWR); -+ if (tpm_fd < 0) { -+ message(LOG_ERR|LOG_INFO, -+ "Unable to open %s: %s\n",tpm_device,strerror(errno)); -+ return -1; -+ } -+ -+ temp_buf= (unsigned char *) malloc(size + TPM_GET_RNG_OVERHEAD); -+ memset(temp_buf,0,(size+TPM_GET_RNG_OVERHEAD)); -+ if (temp_buf == NULL) { -+ message(LOG_ERR|LOG_INFO,"No memory"); -+ return -1; -+ } -+ /* 32 bits has been reserved for random byte size */ -+ rng_cmd[13]=(unsigned char)(size & 0xFF); -+ rng_cmd[12]=(unsigned char)((size >> 8) & 0xFF); -+ rng_cmd[11]=(unsigned char)((size >> 16) & 0xFF); -+ rng_cmd[10]=(unsigned char)((size >> 24) & 0xFF); -+ offset=buf; -+ while (bytes_read < size) { -+ r=0; -+ while (r < sizeof(rng_cmd)) { -+ retval=write(tpm_fd,rng_cmd + r,sizeof(rng_cmd)-r); -+ if (retval < 0) { -+ message(LOG_ERR|LOG_INFO, -+ "Error writing %s\n",tpm_device); -+ retval=-1; -+ goto error_out; -+ } -+ r+=retval; -+ } -+ if (r < sizeof(rng_cmd)) { -+ 
message(LOG_ERR|LOG_INFO, -+ "Error writing %s\n",tpm_device); -+ retval=-1; -+ goto error_out; -+ } -+ r=read(tpm_fd,temp_buf,size); -+ r=(r - TPM_GET_RNG_OVERHEAD); -+ bytes_read=bytes_read + r; -+ if (bytes_read > size) { -+ memcpy(offset,temp_buf + TPM_GET_RNG_OVERHEAD, -+ r - (bytes_read - size)); -+ break; -+ } -+ memcpy(offset, temp_buf + TPM_GET_RNG_OVERHEAD, -+ r); -+ offset=offset+r; - } -+ retval=0; -+error_out: -+ free(temp_buf); -+ close(tpm_fd); -+ return retval; - } - - /* Initialize entropy source */ -@@ -91,16 +177,32 @@ static int discard_initial_data(void) - /* - * Open entropy source, and initialize it - */ --void init_entropy_source(const char* sourcedev) -+int init_entropy_source(const char* sourcedev) - { - rng_fd = open(sourcedev, O_RDONLY); - if (rng_fd == -1) { -- message(LOG_DAEMON|LOG_ERR, "can't open %s: %s", -- sourcedev, strerror(errno)); -- exit(EXIT_FAIL); -+ return 1; - } -- - /* Bootstrap FIPS tests */ - fips_init(&fipsctx, discard_initial_data()); -+ return 0; -+} -+ -+/* -+ * Open tpm entropy source, and initialize it -+ */ -+int init_tpm_entropy_source(void) -+{ -+ int tpm_fd; -+ tpm_fd = open(tpm_device, O_RDONLY); -+ if (tpm_fd == -1) { -+ return 1; -+ } -+ close(tpm_fd); -+ -+ /* Bootstrap FIPS tests */ -+ fips_init(&tpm_fipsctx, 0); -+ has_tpm=1; -+ return 0; - } - -diff -urNp --exclude-from=/home/mdomsch/excludes --minimal rng-tools-2.orig/rngd_entsource.h rng-tools-2/rngd_entsource.h ---- rng-tools-2.orig/rngd_entsource.h 2004-04-15 00:04:45.000000000 -0500 -+++ rng-tools-2/rngd_entsource.h 2009-10-19 22:47:49.668279183 -0500 -@@ -28,15 +28,18 @@ - - /* Logic and contexts */ - extern fips_ctx_t fipsctx; /* Context for the FIPS tests */ -+extern fips_ctx_t tpm_fipsctx; /* Context for the tpm FIPS tests */ - - /* - * Initialize entropy source and entropy conditioning - * - * sourcedev is the path to the entropy source - */ --extern void init_entropy_source(const char* sourcedev); -+extern int init_entropy_source(const char* 
sourcedev); -+extern int init_tpm_entropy_source(void); - - /* Read data from the entropy source */ --void xread(void *buf, size_t size); -+extern int xread(void *buf, size_t size); -+extern int xread_tpm(void *buf, size_t size); - - #endif /* RNGD_ENTSOURCE__H */ -diff -urNp --exclude-from=/home/mdomsch/excludes --minimal rng-tools-2.orig/rngd.h rng-tools-2/rngd.h ---- rng-tools-2.orig/rngd.h 2004-08-24 12:53:04.000000000 -0500 -+++ rng-tools-2/rngd.h 2009-10-19 22:35:32.631263134 -0500 -@@ -42,6 +42,7 @@ struct arguments { - double poll_timeout; - - int daemon; -+ int no_tpm; - }; - extern struct arguments *arguments; - diff --git a/sys-apps/rng-tools/rng-tools-2-r2.ebuild b/sys-apps/rng-tools/rng-tools-2-r2.ebuild deleted file mode 100644 index 1e7ca7c351d2..000000000000 --- a/sys-apps/rng-tools/rng-tools-2-r2.ebuild +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/rng-tools/rng-tools-2-r2.ebuild,v 1.1 2009/11/10 03:15:03 robbat2 Exp $ - -EAPI=2 -inherit autotools - -DESCRIPTION="Daemon to use hardware random number generators." -HOMEPAGE="http://gkernel.sourceforge.net/" -SRC_URI="mirror://sourceforge/gkernel/${P}.tar.gz" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~x86" -IUSE="" -DEPEND="" -RDEPEND="" - -src_prepare() { - epatch "${FILESDIR}"/rngd_tpm_support.patch - - echo 'bin_PROGRAMS = randstat' >> contrib/Makefile.am - eautoreconf -} - -src_install() { - make DESTDIR="${D}" install || die - - dodoc AUTHORS ChangeLog - doinitd "${FILESDIR}/2-r2/rngd" - newconfd "${FILESDIR}/2-r2/rngd-conf" rngd -} diff --git a/sys-apps/rng-tools/rng-tools-2-r3.ebuild b/sys-apps/rng-tools/rng-tools-2-r3.ebuild deleted file mode 100644 index b8a0326cd78c..000000000000 --- a/sys-apps/rng-tools/rng-tools-2-r3.ebuild +++ /dev/null 
@@ -1,31 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/rng-tools/rng-tools-2-r3.ebuild,v 1.1 2010/09/15 08:30:51 robbat2 Exp $
-
-EAPI=2
-inherit autotools
-
-DESCRIPTION="Daemon to use hardware random number generators."
-HOMEPAGE="http://gkernel.sourceforge.net/"
-SRC_URI="mirror://sourceforge/gkernel/${P}.tar.gz"
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~x86"
-IUSE=""
-DEPEND=""
-RDEPEND=""
-
-src_prepare() {
- epatch "${FILESDIR}"/rngd_tpm_support2.patch
-
- echo 'bin_PROGRAMS = randstat' >> contrib/Makefile.am
- eautoreconf
-}
-
-src_install() {
- make DESTDIR="${D}" install || die
-
- dodoc AUTHORS ChangeLog
- doinitd "${FILESDIR}/2-r2/rngd"
- newconfd "${FILESDIR}/2-r2/rngd-conf" rngd
-}
diff --git a/sys-apps/rng-tools/rng-tools-3.ebuild b/sys-apps/rng-tools/rng-tools-3.ebuild
new file mode 100644
index 000000000000..31d0beea5637
--- /dev/null
+++ b/sys-apps/rng-tools/rng-tools-3.ebuild
@@ -0,0 +1,29 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/rng-tools/rng-tools-3.ebuild,v 1.1 2010/11/08 12:18:52 nelchael Exp $
+
+EAPI=2
+inherit autotools
+
+DESCRIPTION="Daemon to use hardware random number generators."
+HOMEPAGE="http://gkernel.sourceforge.net/"
+SRC_URI="mirror://sourceforge/gkernel/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~x86"
+IUSE=""
+DEPEND=""
+RDEPEND=""
+
+src_prepare() {
+ echo 'bin_PROGRAMS = randstat' >> contrib/Makefile.am
+ eautoreconf
+}
+
+src_install() {
+ make DESTDIR="${D}" install || die
+
+ dodoc AUTHORS ChangeLog
+ newinitd "${FILESDIR}/rngd-initd-${PV}" rngd
+ newconfd "${FILESDIR}/rngd-confd-${PV}" rngd
+}
-- cgit v1.2.3-65-gdbad
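Review bot: src_install in the new rng-tools-3.ebuild still runs plain `make` and leaves `dodoc`, `newinitd` and `newconfd` unchecked; under EAPI=2 a failing helper does not abort the build, so a wrong `rngd-initd-${PV}` path would yield a merged package that silently lacks its service script and conf file. Use `emake DESTDIR="${D}" install || die` and append `|| die` to each of the three helper calls. Separately, with both TPM patches dropped from src_prepare, the installed init script's `--no-tpm=${NO_TPM-0}` argument now relies on upstream rng-tools-3 accepting that option, which this diff cannot confirm; a one-line comment in the ebuild recording that assumption would help the next bumper.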