Merge pull request 'Add basics from investigation' (#1) from tbsliver/return-42 into main

Reviewed-on: #1

programs/return-42/.gitignore

@@ -0,0 +1,3 @@
+out.txt
+out.hex
+out

programs/return-42/00_elf_header.txt

@@ -0,0 +1,76 @@
+# ELF Header Setup
+# ================
+# 64 Bytes of Data Total
+
+# ELF Identifier
+# --------------
+# 16 Bytes of setup
+
+# Magic Numbers - EI_MAG[0-3]
+7f 45 4c 46
+
+# File Class - EI_CLASS - 64 Bit
+02
+
+# Data Encoding - EI_DATA - Little Endian
+01
+
+# File Version - EI_VERSION - Version 1
+01
+
+# Target ABI - EI_OSABI - Zero for static executables
+00
+
+# Target ABI Version - EI_ABIVERSION - Zero for static executables
+00
+
+# EI_PAD - 7 Padded Bytes
+00 00 00 00 00 00 00
+
+# Rest of the Header
+# ------------------
+
+# File Type - e_type - Executable binary
+02 00
+
+# Architecture - e_machine - AMD 64 Architecture
+3e 00
+
+# Version Spec - e_version - Version 1
+01 00 00 00
+
+# Entry Point Location - e_entry
+# 64 Bytes + 56 Bytes program header = 120 bytes
+78 00 40 00 00 00 00 00
+
+# Program Header Offset - e_phoff
+# Right after this header which is 64 Bytes
+40 00 00 00 00 00 00 00
+
+# Section Header Table Offset - e_shoff
+# We dont have one! no offset
+00 00 00 00 00 00 00 00
+
+# Processor Flags - e_flags - No flags set
+00 00 00 00
+
+# ELF Header Size - e_ehsize - 64 Bytes
+40 00
+
+# Program Header Entry Size - e_phentsize - 56 Bytes
+38 00
+
+# Program Header Count - e_phnum - 1 Header
+01 00
+
+# Section Header Entry Size - e_shentsize - 64 Bytes
+40 00
+
+# Section Header Count - e_shnum
+# Set to 3 based on example
+00 00
+
+##Section Header String Table Index - e_shstrndx
+# Set to 2 based on example
+00 00
+

programs/return-42/01_program_header.txt

@@ -0,0 +1,37 @@
+# Program header - 56 bytes
+# =========================
+
+# p_type - loadable segment
+01 00 00 00
+
+# p_flags - read and execute
+05 00 00 00
+
+# p_offset - load the entire program from the beginning
+# this will then include the ELF header and program header as well
+# could offset by the ELF and program header I guess
+# but leave it for now
+00 00 00 00 00 00 00 00
+
+# p_vaddr - virtual memory load position
+# this is a common place. Needs to be page aligned
+00 00 40 00 00 00 00 00
+
+# p_paddr - physical memory load position
+# not really used as far as i can tell - set to same as p_vaddr
+00 00 40 00 00 00 00 00
+
+# p_filesz - size of the file to load
+# This is to the end of the .text section, which for us is just
+# the program size, ELF header, and program header
+# so 64 + 56 + 16 = 136 = 0x88
+88 00 00 00 00 00 00 00
+
+# p_memsz - size of the file once loaded into memory
+# For us this is the same as above for now
+88 00 00 00 00 00 00 00
+
+# p_align - something to do with alignment, p_offset and p_vaddr
+# need more reading on that
+00 00 20 00 00 00 00 00
+

programs/return-42/02_program_code.txt

@@ -0,0 +1,12 @@
+# Program Code
+# ============
+
+# mov $60, %rax
+48 c7 c0 3c 00 00 00
+
+# mov $42, %rdi
+48 c7 c7 2a 00 00 00
+
+# syscall
+0f 05
+