Implementation of Linux's classic int-based system call

Source: Internet
Author: User

I. Two concepts: interrupts and system calls

A system call is the interface between an application (the runtime library also counts as part of the application) and the operating system kernel; it determines how the application interacts with the kernel.

1. Linux system calls: the 2.6.19 kernel provides 319 system calls, for example exit, fork, read, open, close, ...

2. On Windows, the interface the operating system offers to applications is not called a system call but an API, for example ReadFile. For now we treat APIs and system calls as equivalent.

3. On Linux, each system call has a system call number, and the kernel maintains a system call table through which the corresponding system call function is found.

II. Interrupts

1. Modern CPUs can execute instructions at different privilege levels; two of them matter here: user mode and kernel mode.

2. System calls run in kernel mode, while applications run mostly in user mode. The switch from user mode to kernel mode is usually accomplished by the operating system through an interrupt.

3. Linux uses interrupt 0x80 as the entry for system calls; Windows uses interrupt 0x2e as its system call entry.

4. An interrupt is a request from hardware or software that the CPU suspend its current work to handle something more important.

5. An interrupt generally has two attributes: an interrupt number and an interrupt handler. Different interrupts have different interrupt numbers and correspond to different interrupt handlers.

6. The kernel has an array called the interrupt vector table; the nth entry of this array holds a pointer to the interrupt handler for interrupt n.

III. Linux's classic int-based system call implementation (tracing the path)

1. Take fork as an example:

    #include <unistd.h>

    int main(void)
    {
        fork();     /* the library wrapper ends up issuing int 0x80 */
        return 0;
    }

2. Roughly, the process is: the user calls fork -> eax = 2 (the system call number is saved in a register) -> int 0x80 (the interrupt is triggered and the CPU switches to kernel mode).

Entry 0x80 of the interrupt vector table is looked up, and the interrupt service routine registered for 0x80 (system_call) is executed.

In the system call table, the entry for system call number 2 is found (via the previously saved eax = 2), and the system call (sys_fork) is executed.

3. The execution flowchart is as follows.

4. The user invokes a system call and execution reaches int $0x80; the CPU saves the current context for later recovery, switches the privilege level to kernel mode, and then looks up entry 0x80 in the interrupt vector table.

5. Switching stacks:

(1) Before executing the interrupt handler, the CPU first has to switch stacks.

(2) In Linux, user mode and kernel mode use different stacks, each responsible for the function calls made in its own mode.

(3) When interrupt 0x80 is invoked, execution switches from user mode to kernel mode, and the current stack must correspondingly switch from the user stack to the kernel stack. When the interrupt handler returns, the stack switches back to the user stack.

(4) The "current stack" is determined by the value of ESP: if ESP lies within the range of the user stack, the current stack is the user stack, otherwise it is the kernel stack. The SS register likewise points to the region where the current stack is located.

(5) Switching from the user stack to the kernel stack actually means:

saving the current ESP and SS values, then setting ESP and SS to the values appropriate for the kernel stack.

Switching from the kernel stack back to the user stack actually means:

restoring the original ESP and SS values.

(6) The user-mode ESP and SS are saved on the kernel stack; this step is completed automatically by the hardware as part of the i386 interrupt instruction.

(7) When the interrupt occurs, the CPU enters kernel mode and then does the following:

it finds the kernel stack of the current process (each process has its own kernel stack) and pushes the user-mode values of the registers SS, ESP, EFLAGS, CS and EIP onto that kernel stack.

(8) When the system call returns, the kernel must return to user mode with the iret instruction; iret pops the SS, ESP, EFLAGS, CS and EIP values saved on the kernel stack, restoring the stack to its user-mode state.

6. The interrupt handler: after the stack switch, control passes to the handler for interrupt 0x80 recorded in the interrupt vector table; this is the internal i386 interrupt service flow of Linux.

After sys_fork has executed, the path is retraced back the way it came.
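The whole path described in steps 2 to 6 can be driven by hand from user space. The following is an added example (not code from the original article or its referenced book): it loads the i386 system call number for getpid (20; the constant name I386_NR_getpid and the out-of-range value BAD_NR are this example's own) into eax, issues int 0x80, and reads the result back from eax. The second call uses a number past the end of the table, which system_call's bounds check rejects with -ENOSYS before any table lookup happens; on non-x86 hardware the block falls back to emulating those two replies so it still compiles.

```c
#include <errno.h>
#include <stdio.h>
#include <unistd.h>

/* Entries of the i386 system-call table used below (constructed from the
   i386 ABI; the native 64-bit table numbers them differently). */
#define I386_NR_getpid  20
#define BAD_NR          0xFFFF   /* far beyond the size of any table */

/* Raw int 0x80 call: eax = number, ebx/ecx/edx = first three arguments,
   result in eax; a negative value is -errno, exactly as the kernel left it. */
static long int80_call(long nr, long a1, long a2, long a3)
{
#if defined(__i386__) || defined(__x86_64__)
    long ret;
    __asm__ volatile ("int $0x80"
                      : "=a"(ret)
                      : "a"(nr), "b"(a1), "c"(a2), "d"(a3)
                      : "memory");
    return ret;
#else
    /* No int 0x80 on this architecture: emulate the kernel's reply for the
       two cases exercised below so the file still compiles and runs. */
    (void)a1; (void)a2; (void)a3;
    return nr == I386_NR_getpid ? (long)getpid() : -ENOSYS;
#endif
}

/* getpid through the int 0x80 entry; must agree with the libc wrapper. */
long getpid_via_int80(void) { return int80_call(I386_NR_getpid, 0, 0, 0); }

/* A number past the end of the table: system_call compares eax against the
   table size and returns -ENOSYS without touching the table. A container's
   seccomp filter may answer -EPERM instead, but the result is always an error. */
long bad_number_via_int80(void) { return int80_call(BAD_NR, 0, 0, 0); }

int main(void)
{
    long pid = getpid_via_int80();
    long bad = bad_number_via_int80();
    printf("int 0x80, eax=%d  -> %ld (libc getpid() -> %ld)\n",
           I386_NR_getpid, pid, (long)getpid());
    printf("int 0x80, eax=0x%X -> %ld (%s)\n", BAD_NR, bad,
           bad == -ENOSYS ? "-ENOSYS: rejected by the table bounds check"
                          : "rejected with another errno");
    return pid == (long)getpid() ? 0 : 1;
}
```

On a 64-bit kernel this works only because IA-32 emulation routes int 0x80 to the i386 table; a 64-bit process using the syscall instruction would need a different number for getpid.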

Reference: "Self-Cultivation of Programmers"
