added unified_output to 7 linux plugins

volatility/plugins/linux/arp.py

@@ -27,6 +27,7 @@
 import socket
 import volatility.plugins.linux.common as linux_common
 import volatility.obj as obj
+from volatility.renderers import TreeGrid
 
 class a_ent(object):
 
@@ -130,6 +131,19 @@ def walk_neighbor(self, neighbor):
 
         return ret
 
+    def unified_output(self, data):
+        return TreeGrid([("ip",str),
+                       ("mac",str),
+                       ("devname",str)],
+                       self.generator(data))
+
+    def generator(self, data):
+        for ent in data:
+            yield (0, [ str(ent.ip),
+                        str(ent.mac),
+                        str(ent.devname),
+                      ])
+
     def render_text(self, outfd, data):
         for ent in data:
             outfd.write("[{0:42s}] at {1:20s} on {2:s}\n".format(ent.ip, ent.mac, ent.devname))

volatility/plugins/linux/aslr_shift.py

@@ -25,6 +25,7 @@
 
 import volatility.utils as utils
 import volatility.plugins.linux.common as common
+from volatility.renderers import TreeGrid
 
 class linux_aslr_shift(common.AbstractLinuxCommand):
     """Automatically detect the Linux ASLR shift"""
@@ -34,6 +35,19 @@ def calculate(self):
 
         yield aspace.profile.virtual_shift, aspace.profile.physical_shift
 
+    def unified_output(self, data):
+        return TreeGrid([("v", str),
+                         ("p", str),
+                        ],
+                        self.generator(data))
+
+    def generator(self, data):
+        for v, p in data:
+            yield (0, [
+                       str(v),
+                       str(p),
+                      ])
+
     def render_text(self, outfd, data):
         self.table_header(outfd, [("Virtual Shift Address", "[addrpad]"), ("Physical Shift Address", "[addrpad]")])
 

volatility/plugins/linux/banner.py

@@ -29,6 +29,7 @@
 import volatility.plugins.linux.flags as linux_flags
 import volatility.plugins.linux.common as linux_common
 import volatility.plugins.linux.pslist as linux_pslist
+from volatility.renderers import TreeGrid
 
 class linux_banner(linux_common.AbstractLinuxCommand):
     """ Prints the Linux banner information """
@@ -44,7 +45,17 @@ def calculate(self):
             debug.error("linux_banner symbol not found. Please report this as a bug on the issue tracker: https://code.google.com/p/volatility/issues/list")
 
         yield banner.strip()
-
+
+    def unified_output(self, data):
+        return TreeGrid([("banner", str)],
+                       self.generator(data))    
+
+    def generator(self, data):
+        for banner in data:
+            yield (0, [
+             str(banner),
+             ])
+
     def render_text(self, outfd, data):
         for banner in data:
             outfd.write("{0:s}\n".format(banner))

volatility/plugins/linux/check_afinfo.py

@@ -28,6 +28,7 @@
 import volatility.obj as obj
 import volatility.plugins.linux.common as linux_common
 import volatility.plugins.linux.lsmod as linux_lsmod
+from volatility.renderers import TreeGrid
 
 class linux_check_afinfo(linux_common.AbstractLinuxCommand):
     """Verifies the operation function pointers of network protocols"""
@@ -77,6 +78,22 @@ def calculate(self):
                 for (name, member, address) in self.check_afinfo(global_var_name, global_var, op_members, seq_members, modules):
                     yield (name, member, address)
 
+    def unified_output(self, data):
+        return TreeGrid([
+                         ("what", str),
+                         ("member", str),
+                         ("address", str)
+                        ],
+                       self.generator(data))
+
+    def generator(self, data):
+        for (what, member, address) in data:
+            yield (0, [
+                       str(what),
+                       str(member),
+                       str(address),
+                      ])
+
     def render_text(self, outfd, data):
 
         self.table_header(outfd, [("Symbol Name", "42"), 

volatility/plugins/linux/check_evt_arm.py

@@ -26,6 +26,7 @@
 import volatility.obj as obj
 import volatility.debug as debug
 import volatility.plugins.linux.common as linux_common
+from volatility.renderers import TreeGrid
 
 class linux_check_evt_arm(linux_common.AbstractLinuxARMCommand):
     ''' Checks the Exception Vector Table to look for syscall table hooking '''
@@ -75,6 +76,20 @@ def calculate(self):
             yield ("vector_swi code modification", "FAIL", "Opcode E28F80?? not found")
             return
 
+    def unified_output(self, data):
+        return TreeGrid([("check", str),
+                      ("result", str),
+                      ("info", str)],
+                       self.generator(data))
+
+    def generator(self, data):
+        for (check, result, info) in data:
+            yield (0, [
+                      str(check),
+                      str(result),
+                      str(info),
+                      ])
+
     def render_text(self, outfd, data):
         self.table_header(outfd, [("Check", "<30"), ("PASS/FAIL", "<5"), ("Info", "<30")])
         for (check, result, info) in data:

volatility/plugins/linux/dentry_cache.py

@@ -26,6 +26,7 @@
 
 import volatility.plugins.linux.common as linux_common
 from volatility.plugins.linux.slab_info import linux_slabinfo
+from volatility.renderers import TreeGrid
 
 class linux_dentry_cache(linux_common.AbstractLinuxCommand):
     """Gather files from the dentry cache"""
@@ -66,6 +67,16 @@ def calculate(self):
         for dentry in cache:
             yield self.make_body(dentry)
 
+    def unified_output(self, data):
+           return TreeGrid([("bodyline", str)],
+                           self.generator(data))
+
+    def generator(self, data):
+        for bodyline in data:
+            yield (0, [
+                str(bodyline),
+                      ])
+
     def render_text(self, outfd, data):
 
         for bodyline in data:

volatility/plugins/linux/dmesg.py

@@ -26,6 +26,7 @@
 
 import volatility.obj as obj
 import volatility.plugins.linux.common as linux_common
+from volatility.renderers import TreeGrid
 
 class linux_dmesg(linux_common.AbstractLinuxCommand):
     """Gather dmesg buffer"""
@@ -92,6 +93,16 @@ def calculate(self):
         else:
             yield self._pre_3(log_buf_addr, log_buf_len)
 
+    def unified_output(self, data):
+        return TreeGrid([("buf", str),
+                    self.generator(data))
+
+    def generator(self, data):
+        for buf in data:
+            yield (0, [
+                        str(buf),
+                      ])
+
     def render_text(self, outfd, data):
 
         for buf in data: