creds-tool: add new "has-tpm2" verb

Sometimes it's useful from shell scripts to check if we have a working
TPM2 chip around. For example, when putting together encrypted
credentials for the initrd (after all: it might be wise to place the
root pw in a credential for the initrd to consume, but do so only if we
can lock it to the TPM2, and not otherwise, so that we risk nothing).

Hence, let's add a new "systemd-creds has-tpm2" verb: it returns zero if we
have a working TPM2 (which means: supported by kernel + firmware + us),
or non-zero otherwise. Also show which parts are available.

Use-case: in future the 'kernel-install' script should use this when
deciding whether to augment kernels with security sensitive credentials.

0 files changed, 0 insertions, 0 deletions