libvirt: Enable a software TPM by default

To test out e.g. the bootc `tpm2-luks` backend; also this is
just a general best practice.

Signed-off-by: Colin Walters <[email protected]>

Author: cgwalters

pkg/vm/domain-template.xml

@@ -25,6 +25,13 @@
       <target bus="virtio" dev="vda"></target>
       <transient/>
     </disk>
+    <tpm model='tpm-tis'>
+      <backend type='emulator' version='2.0'>
+        <active_pcr_banks>
+            <sha256/>
+        </active_pcr_banks>
+      </backend>
+    </tpm>
     {{.CloudInitCDRom}}
   </devices>
   <qemu:commandline>