[File] [PATCH] Magdir/linux: Improve kdump compressed dump detection and add flattened format
HAGIO KAZUHITO(萩尾 一仁)
k-hagio-ab at nec.com
Mon Nov 28 07:11:32 UTC 2022
Improve Linux kdump compressed dump detection and add flattened format.
Tested OK with the following commands:
$ file vmcore
vmcore: ELF 64-bit LSB core file, x86-64, version 1 (SYSV), SVR4-style
$ makedumpfile -F -l -d 31 vmcore > dump.flat
$ file dump.flat
dump.flat: Flattened kdump compressed dump v6, system Linux, node t120f, release ...
$ makedumpfile -R dump.kdump < dump.flat
$ file dump.kdump
dump.kdump: Kdump compressed dump v6, system Linux, node t120f, release 6.1.0-rc2, ...
Signed-off-by: Kazuhito Hagio <k-hagio-ab at nec.com>
---
magic/Magdir/linux | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/magic/Magdir/linux b/magic/Magdir/linux
index b6c6d53657c9..4cd4eb364620 100644
--- a/magic/Magdir/linux
+++ b/magic/Magdir/linux
@@ -492,9 +492,12 @@
0 lelong 0x58313116 CRIU inventory
# Kdump compressed dump files
-# https://sourceforge.net/p/makedumpfile/code/ci/master/tree/IMPLEMENTATION
+# https://github.com/makedumpfile/makedumpfile/blob/master/IMPLEMENTATION
-0 string KDUMP Kdump compressed dump
+0 string KDUMP\x20\x20\x20 Kdump compressed dump
+>0 use kdump-compressed-dump
+
+0 name kdump-compressed-dump
>8 long x v%d
>12 string >\0 \b, system %s
>77 string >\0 \b, node %s
@@ -503,6 +506,12 @@
>272 string >\0 \b, machine %s
>337 string >\0 \b, domain %s
+# Flattened format
+0 string makedumpfile
+>16 bequad 1
+>>0x1010 string KDUMP\x20\x20\x20 Flattened kdump compressed dump
+>>>0x1010 use kdump-compressed-dump
+
# Device Tree files
0 search/1024 /dts-v1/ Device Tree File (v1)
# beat c code
--
2.31.1
More information about the File
mailing list