RHEL-1819

DISA STIG should not require rngd.service on RHEL >= 8.4 (was: rngd.service fails to start with fips enabled)

    • Major
    • sst_security_compliance
    • ssg_security

      Description of problem:
      rngd.service fails to start with fips enabled

      Version-Release number of selected component (if applicable):
      RHEL 8.8
      rng-tools 6.15-3.el8

      How reproducible:

      1. fips-mode-setup --check
        FIPS mode is enabled.
      2. systemctl restart rngd.service
      3. systemctl status rngd.service
        ● rngd.service - Hardware RNG Entropy Gatherer Daemon
        Loaded: loaded (/usr/lib/systemd/system/rngd.service; enabled; vendor preset: enabled)
        Active: inactive (dead) since Wed 2023-05-17 19:22:15 UTC; 6min ago
        Condition: start condition failed at Wed 2023-05-17 19:28:26 UTC; 2s ago
        └─ ConditionKernelCommandLine=!fips=1 was not met
        Main PID: 231 (code=exited, status=0/SUCCESS)

        May 17 19:22:05 localhost rngd[231]: [rdrand]: Enabling RDRAND rng support
        May 17 19:22:05 localhost rngd[231]: [rdrand]: Initialized
        May 17 19:22:05 localhost rngd[231]: [jitter]: JITTER timeout set to 5 sec
        May 17 19:22:05 localhost rngd[231]: [jitter]: Initializing AES buffer
        May 17 19:22:09 localhost rngd[231]: [jitter]: Unable to obtain AES key, disabling JITTER source
        May 17 19:22:09 localhost rngd[231]: [jitter]: Initialization Failed
        May 17 19:22:15 localhost rngd[231]: [rdrand]: Shutting down
        May 17 19:22:15 localhost systemd[1]: Stopping Hardware RNG Entropy Gatherer Daemon...
        May 17 19:22:15 localhost systemd[1]: rngd.service: Succeeded.
        May 17 19:22:15 localhost systemd[1]: Stopped Hardware RNG Entropy Gatherer Daemon.

      Steps to Reproduce:
      1. check and enable fips and reboot

         1. fips-mode-setup --check
            Installation of FIPS modules is not completed.
            FIPS mode is disabled.
         2. fips-mode-setup --enable
            Kernel initramdisks are being regenerated. This might take some time.
            Setting system policy to FIPS
            Note: System-wide crypto policies are applied on application start-up.
            It is recommended to restart the system for the change of policies
            to fully take place.
            FIPS mode will be enabled.
            Please reboot the system for the setting to take effect.
         3. shutdown -r now

      2. check the fips mode is enabled after the reboot

         1. fips-mode-setup --check
            FIPS mode is enabled.

      3. install rng-tools

         1. dnf install rng-tools

      4. start rngd.service

         1. systemctl start rngd.service

      5. check the status of rngd.service

         1. systemctl status rngd.service
            ● rngd.service - Hardware RNG Entropy Gatherer Daemon
            Loaded: loaded (/usr/lib/systemd/system/rngd.service; enabled; vendor preset: enabled)
            Active: inactive (dead) since Wed 2023-05-17 19:22:15 UTC; 6min ago
            Condition: start condition failed at Wed 2023-05-17 19:28:26 UTC; 2s ago
            └─ ConditionKernelCommandLine=!fips=1 was not met
            Main PID: 231 (code=exited, status=0/SUCCESS)

            May 17 19:22:05 localhost rngd[231]: [rdrand]: Enabling RDRAND rng support
            May 17 19:22:05 localhost rngd[231]: [rdrand]: Initialized
            May 17 19:22:05 localhost rngd[231]: [jitter]: JITTER timeout set to 5 sec
            May 17 19:22:05 localhost rngd[231]: [jitter]: Initializing AES buffer
            May 17 19:22:09 localhost rngd[231]: [jitter]: Unable to obtain AES key, disabling JITTER source
            May 17 19:22:09 localhost rngd[231]: [jitter]: Initialization Failed
            May 17 19:22:15 localhost rngd[231]: [rdrand]: Shutting down
            May 17 19:22:15 localhost systemd[1]: Stopping Hardware RNG Entropy Gatherer Daemon...
            May 17 19:22:15 localhost systemd[1]: rngd.service: Succeeded.
            May 17 19:22:15 localhost systemd[1]: Stopped Hardware RNG Entropy Gatherer Daemon.

      Actual results:
      rngd.service fails to start when FIPS is enabled

      Expected results:
      rngd.service starts normally with fips enabled

      Additional info:
      I've noticed a new condition, "ConditionKernelCommandLine=!fips=1", added to "/usr/lib/systemd/system/rngd.service" file.
      If I remove that line from the file then the service starts normally.
      Is there a reason that this condition was added for fips?
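The status output in the report shows systemd skipping the unit on purpose rather than rngd crashing: the start condition failed, the last run exited with status=0/SUCCESS, and the unit's ConditionKernelCommandLine=!fips=1 is evaluated against the kernel command line before ExecStart ever runs. The POSIX shell script below is an added example, not code from this issue, from rng-tools or from the STIG content; it re-implements systemd's ConditionKernelCommandLine= matching rules (a bare word matches a whole token or the left-hand side of a key=value token, a key=value spec must match a whole token exactly, and a leading ! negates the test) so that a compliance check such as the STIG rule named in the issue title can report "skipped by condition" on a fips=1 boot instead of a failed service. The function names, the sample unit text and the two kernel command lines are constructed for the example and are not captured from a real host.

```shell
#!/bin/sh
# Added example (not part of RHEL-1819 or rng-tools): evaluate a systemd
# ConditionKernelCommandLine= the way systemd does, so an auditor can tell
# "unit inactive because a start condition excluded it" from "unit broken".
# Inputs are passed as strings so the script runs offline.

# kcl_has_word CMDLINE WORD
# True (0) if WORD appears on CMDLINE as a whole token or, when WORD has no
# "=", as the key of a key=value token. Mirrors systemd's documented rules.
kcl_has_word() {
    cmdline=$1; want=$2
    for tok in $cmdline; do
        [ "$tok" = "$want" ] && return 0
        case "$want" in
            *=*) ;;                                    # exact assignment required
            *) case "$tok" in "$want="*) return 0 ;; esac ;;
        esac
    done
    return 1
}

# condition_kernel_cmdline CMDLINE SPEC
# SPEC is the raw value of ConditionKernelCommandLine=, e.g. "!fips=1".
# Returns 0 when the condition is met (the unit may start), 1 otherwise.
condition_kernel_cmdline() {
    cmdline=$1; spec=$2
    case "$spec" in
        '!'*) spec=${spec#!}; negate=1 ;;
        *)    negate=0 ;;
    esac
    if kcl_has_word "$cmdline" "$spec"; then found=0; else found=1; fi
    if [ "$negate" -eq 1 ]; then
        [ "$found" -eq 1 ]
    else
        [ "$found" -eq 0 ]
    fi
}

# unit_kcl_condition UNIT_TEXT
# Print the ConditionKernelCommandLine= value from unit file text (the last
# assignment wins, as in systemd); prints nothing if the unit has none.
unit_kcl_condition() {
    printf '%s\n' "$1" | sed -n 's/^ConditionKernelCommandLine=//p' | tail -n 1
}

# rngd_expected_state CMDLINE UNIT_TEXT
# "expected-active"       : nothing in the unit excludes this boot, so an
#                           inactive unit is a real finding.
# "skipped-by-condition"  : a ConditionKernelCommandLine= excludes this boot;
#                           a scanner requiring the unit should treat the
#                           rule as not applicable rather than as a failure.
rngd_expected_state() {
    cond=$(unit_kcl_condition "$2")
    if [ -z "$cond" ] || condition_kernel_cmdline "$1" "$cond"; then
        echo expected-active
    else
        echo skipped-by-condition
    fi
}

# Constructed sample inputs (hypothetical, not captured from a real host).
SAMPLE_UNIT='[Unit]
Description=Hardware RNG Entropy Gatherer Daemon
ConditionKernelCommandLine=!fips=1
[Service]
ExecStart=/sbin/rngd -f'
FIPS_CMDLINE='BOOT_IMAGE=/vmlinuz root=/dev/mapper/rhel-root ro fips=1 quiet'
NOFIPS_CMDLINE='BOOT_IMAGE=/vmlinuz root=/dev/mapper/rhel-root ro quiet'

echo "fips=1 boot:   $(rngd_expected_state "$FIPS_CMDLINE" "$SAMPLE_UNIT")"
echo "non-FIPS boot: $(rngd_expected_state "$NOFIPS_CMDLINE" "$SAMPLE_UNIT")"
```

On a live host the two constructed inputs would be replaced by "$(cat /proc/cmdline)" and "$(systemctl cat rngd.service)"; the first line of the demo prints "skipped-by-condition", matching the "ConditionKernelCommandLine=!fips=1 was not met" line in the report, and the second prints "expected-active".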

            Jan Cerny (jcerny@redhat.com)
            RH Bugzilla Integration (jira-bugzilla-migration)
            Jan Cerny
            Milan Lysonek