sd-device: don't use BPF filtering for kernel monitors

BPF filtering accesses fields in the netlink header that are
only filled in by libudev, never by the kernel. Therefore adding
BPF filters for kernel monitors is pointless. Even false filtering
of kernel events might be possible; at least it's hard to prove that
it can't occur.

diff --git a/src/libsystemd/sd-device/device-monitor.c b/src/libsystemd/sd-device/device-monitor.c
index 48f3c707e30d11a067f13572149cc27cbea012b1..203106ab44929546f2f5404761d923a15aeb0a4d 100644 (file)
--- a/src/libsystemd/sd-device/device-monitor.c
+++ b/src/libsystemd/sd-device/device-monitor.c
@@ -627,8 +627,9 @@ _public_ int sd_device_monitor_filter_update(sd_device_monitor *m) {
         if (m->filter_uptodate)
                 return 0;
 
-        if (hashmap_isempty(m->subsystem_filter) &&
-            set_isempty(m->tag_filter)) {
+        if (m->snl.nl.nl_groups == MONITOR_GROUP_KERNEL ||
+            (hashmap_isempty(m->subsystem_filter) &&
+             set_isempty(m->tag_filter))) {
                 m->filter_uptodate = true;
                 return 0;
         }