From d8ce385fe3e5be91b6f414415e10f8897e41d942 Mon Sep 17 00:00:00 2001
From: Martin Wilck <mwilck@suse.com>
Date: Thu, 25 Feb 2021 17:09:03 +0100
Subject: [PATCH] sd-device: don't use BPF filtering for kernel monitors

BPF filtering accesses fields in the netlink header that are
only filled in by libudev, never by the kernel. Therefore adding
BPF filters for kernel monitors is pointless. Even false filtering
of kernel events might be possible; at least it's hard to prove that
it can't occur.
---
 src/libsystemd/sd-device/device-monitor.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/libsystemd/sd-device/device-monitor.c b/src/libsystemd/sd-device/device-monitor.c
index 48f3c707e30..203106ab449 100644
--- a/src/libsystemd/sd-device/device-monitor.c
+++ b/src/libsystemd/sd-device/device-monitor.c
@@ -627,8 +627,9 @@ _public_ int sd_device_monitor_filter_update(sd_device_monitor *m) {
         if (m->filter_uptodate)
                 return 0;
 
-        if (hashmap_isempty(m->subsystem_filter) &&
-            set_isempty(m->tag_filter)) {
+        if (m->snl.nl.nl_groups == MONITOR_GROUP_KERNEL ||
+            (hashmap_isempty(m->subsystem_filter) &&
+             set_isempty(m->tag_filter))) {
                 m->filter_uptodate = true;
                 return 0;
         }
-- 
2.47.3