metrics: remove bad_syscalls

In case of seccomp fault, the offending syscall is logged. This metric
is not useful.

Fixes #869

Signed-off-by: Alexandra Iordache <[email protected]>

Author: Alexandra Iordache

CHANGELOG.md

@@ -9,6 +9,10 @@
 - When running with `jailer` the location of the API socket has changed to
   `<jail-root-path>/api.socket` (API socket was moved _inside_ the jail).
 
+### Removed
+
+- Removed the `seccomp.bad_syscalls` metric.
+
 ## [0.15.0]
 
 ### Added

logger/src/metrics.rs

@@ -29,8 +29,6 @@ use std::sync::atomic::{AtomicUsize, Ordering};
 use chrono;
 use serde::{Serialize, Serializer};
 
-const SYSCALL_MAX: usize = 350;
-
 /// Used for defining new types of metrics that can be either incremented with an unit
 /// or an arbitrary amount of units.
 // This trait helps with writing less code. It has to be in scope (via an use directive) in order
@@ -308,27 +306,12 @@ pub struct NetDeviceMetrics {
 }
 
 /// Metrics for the seccomp filtering.
-#[derive(Serialize)]
+#[derive(Default, Serialize)]
 pub struct SeccompMetrics {
-    /// Number of black listed syscalls.
-    pub bad_syscalls: Vec<SharedMetric>,
     /// Number of errors inside the seccomp filtering.
     pub num_faults: SharedMetric,
 }
 
-impl Default for SeccompMetrics {
-    fn default() -> SeccompMetrics {
-        let mut def_syscalls = vec![];
-        for _syscall in 0..SYSCALL_MAX {
-            def_syscalls.push(SharedMetric::default());
-        }
-        SeccompMetrics {
-            num_faults: SharedMetric::default(),
-            bad_syscalls: def_syscalls,
-        }
-    }
-}
-
 /// Metrics specific to the UART device.
 #[derive(Default, Serialize)]
 pub struct SerialDeviceMetrics {

vmm/src/sigsys_handler.rs

@@ -66,7 +66,6 @@ extern "C" fn sigsys_handler(
     // function are blocked due to the sa_mask used when registering the signal handler.
     let syscall = unsafe { *(info as *const i32).offset(SI_OFF_SYSCALL) as usize };
     METRICS.seccomp.num_faults.inc();
-    METRICS.seccomp.bad_syscalls[syscall].inc();
     error!(
         "Shutting down VM after intercepting a bad syscall ({}).",
         syscall
@@ -138,8 +137,7 @@ mod tests {
         ];
 
         assert!(setup_seccomp(SeccompLevel::Basic(REQUIRED_SYSCALLS)).is_ok());
-        let sys_idx = libc::SYS_getpid as usize;
-        assert_eq!(METRICS.seccomp.bad_syscalls[sys_idx].count(), 0);
+        assert_eq!(METRICS.seccomp.num_faults.count(), 0);
 
         // Calls the blacklisted SYS_getpid.
         let _pid = process::id();
@@ -154,7 +152,7 @@ mod tests {
         // tests, so we use this as an heuristic to decide if we check the assertion.
         if cpu_count() > 1 {
             // The signal handler should let the program continue during unit tests.
-            assert_eq!(METRICS.seccomp.bad_syscalls[sys_idx].count(), 1);
+            assert_eq!(METRICS.seccomp.num_faults.count(), 1);
         }
     }
 }