detectCgroupPath returns the first-found mount point of type cgroup2 and stores it in the cgroupPath global variable.
(logger *zap.Logger)
| 15 | // detectCgroupPath returns the first-found mount point of type cgroup2 |
| 16 | // and stores it in the cgroupPath global variable. |
| 17 | func DetectCgroupPath(logger *zap.Logger) (string, error) { |
| 18 | f, err := os.Open("/proc/mounts") |
| 19 | if err != nil { |
| 20 | return "", err |
| 21 | } |
| 22 | defer func() { |
| 23 | err := f.Close() |
| 24 | if err != nil { |
| 25 | utils.LogError(logger, err, "failed to close /proc/mounts file") |
| 26 | } |
| 27 | }() |
| 28 | |
| 29 | scanner := bufio.NewScanner(f) |
| 30 | for scanner.Scan() { |
| 31 | // example fields: cgroup2 /sys/fs/cgroup/unified cgroup2 rw,nosuid,nodev,noexec,relatime 0 0 |
| 32 | fields := strings.Split(scanner.Text(), " ") |
| 33 | if len(fields) >= 3 && fields[2] == "cgroup2" { |
| 34 | return fields[1], nil |
| 35 | } |
| 36 | } |
| 37 | |
| 38 | return "", errors.New("cgroup2 not mounted") |
| 39 | } |
| 40 | |
| 41 | func GetPortToSendToKernel(_ context.Context, rules []models.BypassRule) []uint { |
| 42 | // if the rule only contains port, then it should be sent to kernel |