sd-device: don't use BPF filtering for kernel monitors

BPF filtering accesses fields in the netlink header that are only filled in by libudev, never by the kernel. Therefore adding BPF filters for kernel monitors is pointless. Even false filtering of kernel events might be possible; at least it's hard to prove that it can't occur. (cherry picked from commit d8ce385fe3e5be91b6f414415e10f8897e41d942) (cherry picked from commit 8f67d7ba3af72b1b3750530c123702246f35987f)
author: Martin Wilck <mwilck@suse.com> 2021-02-25 17:09:03 +0100
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2021-03-12 18:21:48 +0100
commit: 6ba248ef66b669154788676233500659823fe51b (patch)
tree: 3781bbd2be2ab26d259c4ff5fb5adc9254982cd6
parent: 2440aa43fec07e370886a0d6b10c251069e2cd5b (diff)
download: systemd-6ba248ef66b669154788676233500659823fe51b.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/src/libsystemd/sd-device/device-monitor.c b/src/libsystemd/sd-device/device-monitor.c
index 1d24af0696..5db5dd7218 100644
--- a/src/libsystemd/sd-device/device-monitor.c
+++ b/src/libsystemd/sd-device/device-monitor.c
@@ -629,8 +629,9 @@ _public_ int sd_device_monitor_filter_update(sd_device_monitor *m) {
         if (m->filter_uptodate)
                 return 0;
 
-        if (hashmap_isempty(m->subsystem_filter) &&
-            set_isempty(m->tag_filter)) {
+        if (m->snl.nl.nl_groups == MONITOR_GROUP_KERNEL ||
+            (hashmap_isempty(m->subsystem_filter) &&
+             set_isempty(m->tag_filter))) {
                 m->filter_uptodate = true;
                 return 0;
         }
author	Martin Wilck <mwilck@suse.com>	2021-02-25 17:09:03 +0100
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2021-03-12 18:21:48 +0100
commit	6ba248ef66b669154788676233500659823fe51b (patch)
tree	3781bbd2be2ab26d259c4ff5fb5adc9254982cd6
parent	2440aa43fec07e370886a0d6b10c251069e2cd5b (diff)
download	systemd-6ba248ef66b669154788676233500659823fe51b.tar.gz