tpm2-util: properly load tpm2 libraries befre unsealing

We forgot a call to dlopen_tpm2() in the unseal codepaths. As long as
automatic TPM2 device discovery was used that didn't matter, since in
that codepaths we'd have another call dlopen_tpm2(). But with an
explicitly configured TPM2 device things should work too, hence add the
missing call.

Fixes: #19206

diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
index 8a0f45c2db764f2ff5415cc9a4b572c6de9918b8..4d17f3c96a2238ea92bc93e24c0ae9057e34e44f 100644 (file)
--- a/src/shared/tpm2-util.c
+++ b/src/shared/tpm2-util.c
@@ -686,6 +686,10 @@ int tpm2_unseal(
 
         assert(pcr_mask < (UINT32_C(1) << TPM2_PCRS_MAX)); /* Support 24 PCR banks */
 
+        r = dlopen_tpm2();
+        if (r < 0)
+                return log_error_errno(r, "TPM2 support is not installed.");
+
         /* So here's what we do here: We connect to the TPM2 chip. As we do when sealing we generate a
          * "primary" key on the TPM2 chip, with the same parameters as well as a PCR-bound policy
          * session. Given we pass the same parameters, this will result in the same "primary" key, and same