
Only send IMA logs if the PCR#10 is set on mask #468

Open
lkatalin opened this issue Oct 19, 2022 · 3 comments

Comments

@lkatalin
Contributor

lkatalin commented Oct 19, 2022

We probably want this to be optional for certain use cases, testing.

@ansasaki
Contributor

@maugustosilva

If I see the code correctly, the measured boot log is only read if the PCR#0 is included in the mask:

```rust
// If PCR 0 is included in the mask, obtain the measured boot
let mut mb_measurement_list = None;
match tpm::check_mask(&param.mask, &PcrSlot::Slot0) {
    Ok(true) => {
        if let Some(measuredboot_ml_file) = &data.measuredboot_ml_file {
            let mut ml = Vec::<u8>::new();
            let mut f = measuredboot_ml_file.lock().unwrap(); //#[allow_ci]
            if let Err(e) = f.rewind() {
                debug!("Failed to rewind measured boot file: {}", e);
                return HttpResponse::InternalServerError().json(
                    JsonWrapper::error(
                        500,
                        "Unable to retrieve quote".to_string(),
                    ),
                );
            }
            mb_measurement_list = match f.read_to_end(&mut ml) {
                Ok(_) => Some(base64::encode(ml)),
                Err(e) => {
                    warn!("Could not read TPM2 event log: {}", e);
                    None
                }
            };
        }
    }
    // The remaining arms of this match (PCR 0 not in the mask, mask error) are not part of the quoted excerpt.
}
```

For the IMA measurements, there is the possibility to provide the index from where to start reading the log to not send the whole log in every request. I think that the verifier default behavior is to request only the missing part (meaning, providing the index from the last received entry).

@maugustosilva

I have re-checked my experiments, and you're right, MB LOG is disabled unless you pass --mb_refstate on keylime_tenant CLI, but IMA is "always on", and perhaps we should apply the very same principle there (i.e., unless PCR 10 is included on the mask, skip it)

@ansasaki ansasaki changed the title Check if reading mb log is optional Only send IMA logs if the PCR#10 is set on mask Sep 7, 2023
@ansasaki
Contributor

ansasaki commented Sep 7, 2023

It is necessary to verify the impact of this change before implementing/merging: look out for the expectations from the verifier. If it expects to always receive the IMA logs, then it will need changes there too.
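The gating discussed in this thread, as an added example that is not rust-keylime's own code: the agent includes the measured boot log only when PCR 0 is in the mask (as the quoted snippet does), applies the same rule to the IMA log and PCR 10 (the change proposed above), reads the IMA list from a start index so unchanged history is not resent, and the verifier side tolerates a missing log only when the matching PCR was not requested (the impact the last comment asks to check). All names (`check_mask`, `build_payload`, `verifier_accepts`, `QuotePayload`, `MaskError`) are hypothetical; it assumes the mask is a hex string with bit i set for PCR i (e.g. "0x408" selects PCRs 3 and 10) and that the IMA log is a newline-separated measurement list. The sample log and event log bytes are constructed, not real.

```rust
// Added example, not rust-keylime code: gate both the measured boot log and
// the IMA log on the PCR mask the verifier sends, and show the verifier-side
// expectation that has to change with it. Assumptions (hypothetical, not the
// project's API): the mask is a hex string with bit i set for PCR i, e.g.
// "0x408" selects PCRs 3 and 10; the IMA log is a newline-separated ASCII
// measurement list and `ima_entry` is the index of the first entry to return.

/// PCR slots that Keylime ties to the two logs (TPM 2.0 conventions).
pub const PCR_MEASURED_BOOT: u32 = 0;
pub const PCR_IMA: u32 = 10;

#[derive(Debug, PartialEq)]
pub enum MaskError {
    BadHex(String),
    SlotOutOfRange(u32),
}

/// Parse a "0x..." PCR mask into a bitmask (assumed format, see above).
pub fn parse_mask(mask: &str) -> Result<u32, MaskError> {
    let hex = mask.trim().trim_start_matches("0x").trim_start_matches("0X");
    u32::from_str_radix(hex, 16).map_err(|_| MaskError::BadHex(mask.to_string()))
}

/// True when PCR `slot` is selected in `mask`; a TPM 2.0 bank has PCRs 0..=23.
pub fn check_mask(mask: &str, slot: u32) -> Result<bool, MaskError> {
    if slot > 23 {
        return Err(MaskError::SlotOutOfRange(slot));
    }
    Ok(parse_mask(mask)? & (1u32 << slot) != 0)
}

/// What the agent puts in the quote response besides the quote itself.
#[derive(Debug, PartialEq)]
pub struct QuotePayload {
    pub mb_log: Option<Vec<u8>>,
    pub ima_log: Option<String>,
}

/// Agent side: include the measured boot log only if PCR 0 is in the mask
/// and, symmetrically, the IMA log only if PCR 10 is, starting at entry
/// `ima_entry` so already-delivered history is not resent on every request.
pub fn build_payload(
    mask: &str,
    ima_entry: usize,
    ima_log: &str,
    mb_log: &[u8],
) -> Result<QuotePayload, MaskError> {
    let mb = if check_mask(mask, PCR_MEASURED_BOOT)? {
        Some(mb_log.to_vec())
    } else {
        None
    };
    let ima = if check_mask(mask, PCR_IMA)? {
        Some(
            ima_log
                .lines()
                .skip(ima_entry)
                .map(|line| format!("{line}\n"))
                .collect::<String>(),
        )
    } else {
        None
    };
    Ok(QuotePayload { mb_log: mb, ima_log: ima })
}

/// Verifier side: a log may be absent only when its PCR was not requested.
/// A verifier that unconditionally expects the IMA log would reject every
/// quote taken with PCR 10 off the mask, which is the impact to check.
pub fn verifier_accepts(mask: &str, payload: &QuotePayload) -> Result<bool, MaskError> {
    let ima_ok = !check_mask(mask, PCR_IMA)? || payload.ima_log.is_some();
    let mb_ok = !check_mask(mask, PCR_MEASURED_BOOT)? || payload.mb_log.is_some();
    Ok(ima_ok && mb_ok)
}

/// Constructed three-entry IMA list in ima-ng style (not a real log).
pub const SAMPLE_IMA_LOG: &str = "\
10 0a1b2c ima-ng sha256:1111 boot_aggregate
10 3d4e5f ima-ng sha256:2222 /usr/bin/bash
10 6a7b8c ima-ng sha256:3333 /usr/bin/ls
";

fn main() -> Result<(), MaskError> {
    let mb_log = b"constructed TPM2 event log bytes";
    // Verifier asked only for PCR 10 and already holds the first entry.
    let p = build_payload("0x400", 1, SAMPLE_IMA_LOG, mb_log)?;
    println!(
        "mb log sent: {}, ima lines sent: {}",
        p.mb_log.is_some(),
        p.ima_log.as_deref().map_or(0, |s| s.lines().count())
    );
    // Mask without PCR 10: IMA log skipped, and the verifier must tolerate that.
    let p = build_payload("0x8", 0, SAMPLE_IMA_LOG, mb_log)?;
    println!("accepted without IMA log: {}", verifier_accepts("0x8", &p)?);
    Ok(())
}
```

The point of `verifier_accepts` is the one raised in the last comment: once the agent skips the IMA log for masks without PCR 10, a verifier that treats a missing IMA list as a failed quote has to be taught the same mask rule, or every such attestation fails.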

@ansasaki ansasaki added the Keylime general Involves Python codebase label Sep 7, 2023