git.ipfire.org Git - thirdparty/systemd.git/commit
tpm2-util: fix PCR bank guessing without EFI
author    Patrick Wicki <patrick.wicki@subset.ch>
          Fri, 20 Mar 2026 14:56:56 +0000 (15:56 +0100)
committer Lennart Poettering <lennart@poettering.net>
          Wed, 25 Mar 2026 22:18:58 +0000 (23:18 +0100)
commit    6c7e5b81ac4dd79952b3d0428a038dd5febb2bc3
tree      f49de2f4122f0e4832e21612a2df0337fa0e175a
parent    91af485544b7f1ec7436f4b73b4a9bdcc6607f72
tpm2-util: fix PCR bank guessing without EFI

Since 7643e4a89 efi_get_active_pcr_banks() is used to determine the
active PCR banks. Without EFI support, this returns -EOPNOTSUPP. This in
turn leads to cryptenroll and cryptsetup attach failures unless the PCR
bank is explicitly set, i.e.

$ systemd-cryptenroll $LUKS_PART --tpm2-device=auto --tpm2-pcrs='7'
[...]
Could not read pcr values: Operation not supported

But it works fine with --tpm2-pcrs='7:sha256'.

Similarly, unsealing during cryptsetup attach also fails if the bank
needs to be determined:

Failed to unseal secret using TPM2: Operation not supported

Catch the -EOPNOTSUPP and fall back to the guessing strategy.

Signed-off-by: Patrick Wicki <patrick.wicki@subset.ch>
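The fallback the commit message describes, as an added C illustration. This is not systemd's code: the EFI lookup is a stand-in whose result the caller supplies, the guessing rule (prefer the strongest bank whose PCR 7 has visibly been extended) is an assumption rather than systemd's exact heuristic, and the PCR values are constructed sample data. The point it shows is that -EOPNOTSUPP from the EFI path means "no answer", which must be distinguished from a genuine failure that still has to propagate.

```c
/* Added illustration, not systemd's code: treat a missing-EFI answer
 * (-EOPNOTSUPP) from the active-bank lookup as "unknown" and fall back to
 * guessing from what the TPM itself reports, rather than failing outright.
 * The EFI lookup, the guessing rule and the PCR values are constructed here. */
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TPM_ALG_ID values for hash algorithms, from the TCG algorithm registry. */
#define ALG_SHA1   0x0004
#define ALG_SHA256 0x000B
#define ALG_SHA384 0x000C
#define PCR_DIGEST_MAX 48

/* One bank as the TPM reports it, with the PCR the policy binds to (PCR 7,
 * as in the commit's example). Constructed sample data fills these. */
struct tpm_bank {
        uint16_t alg;
        size_t digest_size;
        uint8_t pcr7[PCR_DIGEST_MAX];
};

/* Stand-in for the EFI lookup of active banks: rc mimics its -errno result
 * (0 ok, -EOPNOTSUPP when there is no EFI, other -errno on a real failure). */
struct efi_banks {
        int rc;
        uint16_t algs[4];
        size_t n_algs;
};

static int rank_alg(uint16_t alg) {
        switch (alg) {
        case ALG_SHA384: return 3;
        case ALG_SHA256: return 2;
        case ALG_SHA1:   return 1;
        default:         return 0;   /* unknown bank: never chosen */
        }
}

static bool digest_all(const uint8_t *d, size_t n, uint8_t v) {
        for (size_t i = 0; i < n; i++)
                if (d[i] != v)
                        return false;
        return true;
}

/* Guessing rule (an assumption, not systemd's exact heuristic): among the
 * banks the TPM supports, take the strongest one whose PCR 7 has visibly been
 * extended, i.e. is neither all 0x00 (never touched) nor all 0xFF (disabled). */
static int guess_pcr_bank(const struct tpm_bank *banks, size_t n, uint16_t *ret) {
        int best_rank = 0;
        uint16_t best = 0;
        for (size_t i = 0; i < n; i++) {
                if (digest_all(banks[i].pcr7, banks[i].digest_size, 0x00) ||
                    digest_all(banks[i].pcr7, banks[i].digest_size, 0xFF))
                        continue;
                if (rank_alg(banks[i].alg) > best_rank) {
                        best_rank = rank_alg(banks[i].alg);
                        best = banks[i].alg;
                }
        }
        if (best_rank == 0)
                return -ENOENT;
        *ret = best;
        return 0;
}

/* Before the fix every negative rc was fatal, which is the
 * "Operation not supported" failure the commit message quotes. */
int choose_pcr_bank(const struct efi_banks *efi, const struct tpm_bank *banks,
                    size_t n, uint16_t *ret) {
        if (efi->rc == -EOPNOTSUPP)          /* no EFI: no answer, not an error */
                return guess_pcr_bank(banks, n, ret);
        if (efi->rc < 0)                     /* a genuine EFI failure still propagates */
                return efi->rc;
        /* EFI listed the active banks: take the strongest one the TPM also has. */
        int best_rank = 0;
        uint16_t best = 0;
        for (size_t i = 0; i < efi->n_algs; i++)
                for (size_t j = 0; j < n; j++)
                        if (banks[j].alg == efi->algs[i] && rank_alg(banks[j].alg) > best_rank) {
                                best_rank = rank_alg(banks[j].alg);
                                best = banks[j].alg;
                        }
        if (best_rank == 0)
                return -ENOENT;
        *ret = best;
        return 0;
}

int main(void) {
        /* Constructed TPM state: SHA-1 bank untouched, SHA-256 bank extended. */
        struct tpm_bank banks[2] = {
                { .alg = ALG_SHA1,   .digest_size = 20, .pcr7 = { 0 } },
                { .alg = ALG_SHA256, .digest_size = 32, .pcr7 = { 0xAB, 0x01, 0x7F } },
        };
        struct efi_banks no_efi = { .rc = -EOPNOTSUPP };
        uint16_t alg = 0;
        int r = choose_pcr_bank(&no_efi, banks, 2, &alg);
        printf("without EFI: r=%d alg=0x%04x\n", r, alg);
        return r < 0;
}
```

Run without arguments; with the constructed state above the non-EFI path selects the SHA-256 bank instead of surfacing -EOPNOTSUPP to the caller, while an -EIO from the EFI stand-in is still returned unchanged.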
src/shared/tpm2-util.c