From 5d990a004b5ae6863f2c9a633b184c07dd73563d Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Tue, 23 Nov 2021 14:53:18 +0100
Subject: [PATCH] feat(crypt): check if tpm2-tss module is needed in hostonly
 mode

In hostonly mode, include the tpm2-tss module if any encrypted volumes
are configured to be decrypted using the TPM2 device.
---
 modules.d/90crypt/module-setup.sh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/modules.d/90crypt/module-setup.sh b/modules.d/90crypt/module-setup.sh
index acb9cf83..639d9cdd 100755
--- a/modules.d/90crypt/module-setup.sh
+++ b/modules.d/90crypt/module-setup.sh
@@ -18,7 +18,14 @@ check() {
 
 # called by dracut
 depends() {
-    echo dm rootfs-block
+    local deps
+    deps="dm rootfs-block"
+    if [[ $hostonly && -f "$dracutsysrootdir"/etc/crypttab ]]; then
+        if grep -q "tpm2-device=" "$dracutsysrootdir"/etc/crypttab; then
+            deps+=" tpm2-tss"
+        fi
+    fi
+    echo "$deps"
     return 0
 }