Unable to reencrypt volume when only TPM unlock is available

Issue description

Similar to #725 (closed), it is not possible to reencrypt volumes when only TPM unlock is available (e.g. systemd-tpm2 token only).

/ # cryptsetup reencrypt /dev/sda2
Enter passphrase for key slot 0:

This happens when there is only one keyslot, related to a systemd-tpm2 token.

/ # cryptsetup luksDump /dev/sda2
LUKS header information
Version:        2
Epoch:          333
Metadata area:  16384 [bytes]
Keyslots area:  16744448 [bytes]
UUID:           d944d13a-f8c9-4310-bee5-890791fa7023
Label:          otaroot
Subsystem:      (no subsystem)
Flags:          (no flags)

Data segments:
  0: crypt
        offset: 16777216 [bytes]
        length: (whole device)
        cipher: aes-xts-plain64
        sector: 512 [bytes]

Keyslots:
  0: luks2
        Key:        512 bits
        Priority:   normal
        Cipher:     aes-xts-plain64
        Cipher key: 512 bits
        PBKDF:      pbkdf2
        Hash:       sha512
        Iterations: 1000
        Salt:       e3 7c 2e 18 07 c6 8c cc c7 15 04 02 6d 82 b6 5b
                    03 7d c8 ab ff 41 90 6d b1 20 2d 95 1f 8c 4c cd
        AF stripes: 4000
        AF hash:    sha512
        Area offset:290816 [bytes]
        Area length:258048 [bytes]
        Digest ID:  0
Tokens:
  0: systemd-tpm2
        tpm2-pcrs:  7
        tpm2-bank:  sha256
        tpm2-primary-alg:  ecc
        tpm2-blob:  00 9e 00 20 0d 23 00 30 c4 bd 57 67 52 55 21 82
                    b0 4f ba e5 61 d0 bd 01 4b 09 9f 03 c4 8d 0a 97
                    5d 3c 92 28 00 10 7d 9b 8c 4d b7 e4 23 0d 23 b3
                    62 3e b8 e1 62 76 a2 70 cf c9 01 7a e7 ca 2f e0
                    6d c4 12 47 5f d9 07 29 64 1a d7 b2 c0 25 1e 88
                    d0 bd 77 09 ac 46 7e e0 10 fb e5 4f a7 fe 6d 1e
                    65 3d c4 cf e1 b0 8d 0f 74 b6 2b e0 ca 44 3c e4
                    bf ca c0 e2 6b 81 b4 6e ff 2b 40 e6 f2 de b9 4c
                    63 8b dc 7d 0c 70 6e 5c 5b dc 78 8d 85 2d 70 ac
                    78 08 6b 20 e8 b4 a2 f6 e3 1a 10 f4 f8 4e 99 12
                    00 4e 00 08 00 0b 00 00 00 12 00 20 86 0e d1 f6
                    e3 49 84 56 16 f1 4e cb cd 56 76 b6 97 0e d2 48
                    4b 96 c9 af ee 27 a4 f2 de ce 48 84 00 10 00 20
                    5e 7e 31 12 7d 8f c4 d3 94 84 ea 09 89 e4 31 fe
                    52 92 a3 8a ca d0 a7 89 bd c4 24 b9 fc 9b de 57
        tpm2-policy-hash:
                    86 0e d1 f6 e3 49 84 56 16 f1 4e cb cd 56 76 b6
                    97 0e d2 48 4b 96 c9 af ee 27 a4 f2 de ce 48 84
        Keyslot:    0
Digests:
  0: pbkdf2
        Hash:       sha256
        Iterations: 326049
        Salt:       62 6e 5f e7 94 11 62 b2 2f 9b 66 b1 74 95 0b 0c
                    48 4f 53 23 4e bf 27 85 33 cd 53 c1 30 ed 04 a3
        Digest:     b0 dc e4 99 22 0c 23 b8 2b 29 56 63 e6 99 99 b1
                    df 68 94 13 98 7c 96 cc 60 14 ab bc 9b ae 75 7e 

Steps for reproducing the issue

Run cryptsetup reencrypt on a device that has only one keyslot, based on a TPM2 token.

Additional info

Currently using OpenEmbedded with cryptsetup head (3e4c69a0).

I believe comment #774 (comment 1129805672) suggests ways to have this issue fixed.

Debug log

Output with --debug option:

# cryptsetup 2.5.1-git processing "cryptsetup reencrypt --debug /dev/sda2"
# Verifying parameters for command reencrypt.
# Running command reencrypt.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating context for crypt device /dev/sda2.
# Trying to open and read device /dev/sda2 with direct-io.
# Initialising device-mapper backend library.
# Trying to load any crypt type from device /dev/sda2.
# Crypto backend (OpenSSL 3.0.5 5 Jul 2022 [default][legacy]) initialized in cryptsetup library version 2.5.1-git.
# Detected kernel Linux 5.15.64-lmp-standard x86_64.
# Loading LUKS2 header (repair disabled).
# Acquiring read lock for device /dev/sda2.
# Opening lock resource file /run/cryptsetup/L_8:2
# Verifying lock handle for /dev/sda2.
# Device /dev/sda2 READ lock taken.
# Trying to read primary LUKS2 header at offset 0x0.
# Opening locked device /dev/sda2
# Verifying locked device handle (bdev)
# LUKS2 header version 2 of size 16384 bytes, checksum sha256.
# Checksum:8f45efaae800526422e7ffa5dda3904d737f807ac9023eb779e2698722af0903 (on-disk)
# Checksum:8f45efaae800526422e7ffa5dda3904d737f807ac9023eb779e2698722af0903 (in-memory)
# Trying to read secondary LUKS2 header at offset 0x4000.
# Reusing open ro fd on device /dev/sda2
# LUKS2 header version 2 of size 16384 bytes, checksum sha256.
# Checksum:fb1c46210239faba68447601ae71dc69b5631e7d8b13e8ff7504858c3e27b3e2 (on-disk)
# Checksum:fb1c46210239faba68447601ae71dc69b5631e7d8b13e8ff7504858c3e27b3e2 (in-memory)
# Device size 2743242752, offset 16777216.
# Device /dev/sda2 READ lock released.
# Only 1 active CPUs detected, PBKDF threads decreased from 4 to 1.
# Not enough physical memory detected, PBKDF max memory decreased from 1048576kB to 496348kB.
# PBKDF argon2id, time_ms 2000 (iterations 0), max_memory_kb 496348, parallel_threads 1.
# Interactive passphrase entry requested.
Enter passphrase for key slot 0:
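
A pre-flight check for the configuration in this report, as an added example that is not part of the original issue or of cryptsetup: it parses `cryptsetup luksDump` text output in the layout shown above and lists the keyslots that no token references. An empty result means every keyslot is token-bound, which is the case described here. The function names and both sample dumps are constructed for illustration.

```python
import re

# Constructed sample: the luksDump layout from the report, hex blobs omitted.
TPM_ONLY = """\
LUKS header information
Version:        2
Keyslots:
  0: luks2
        Key:        512 bits
        Digest ID:  0
Tokens:
  0: systemd-tpm2
        tpm2-pcrs:  7
        Keyslot:    0
Digests:
  0: pbkdf2
        Hash:       sha256
"""
# Constructed variant: a second keyslot that no token references.
WITH_RECOVERY = TPM_ONLY.replace("Tokens:", "  1: luks2\n        Digest ID:  0\nTokens:")


def parse_luks_dump(text):
    """Return (keyslot ids, {token id: (type, [bound keyslot ids])})."""
    section, keyslots, tokens, tok = None, [], {}, None
    for line in text.splitlines():
        if line and not line[0].isspace():
            # Unindented line: a section header such as "Tokens:" or a header field.
            m = re.fullmatch(r"([^:]+):\s*", line)
            section = m.group(1) if m else None
            continue
        entry = re.match(r"\s+(\d+):\s*(\S+)", line)
        if section == "Keyslots" and entry:
            keyslots.append(int(entry.group(1)))
        elif section == "Tokens" and entry:
            tok = int(entry.group(1))
            tokens[tok] = (entry.group(2), [])
        elif section == "Tokens" and tok is not None:
            bound = re.match(r"\s+Keyslot:\s*(\d+)", line)
            if bound:
                tokens[tok][1].append(int(bound.group(1)))
    return keyslots, tokens


def slots_without_token(text):
    """Keyslots no token points at, i.e. ones expected to take a passphrase or key file."""
    keyslots, tokens = parse_luks_dump(text)
    bound = {k for _type, slots in tokens.values() for k in slots}
    return sorted(set(keyslots) - bound)
```

The check is a heuristic: it assumes a keyslot referenced by a token is not also known to an operator as a passphrase.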