Linux system calls

Linux architecture

kernel space and user space are two of program execution different states, through system calls and hardware from user space to kernel space. transfer. As shown in the following:

Linux architecture diagram

From knowing that Linux is made up of user space and kernel space

In general, a user process cannot access the kernel. It can neither access the memory space where the kernel resides, nor can it call functions in the kernel. The Linux kernel sets up a set of subroutines to implement various system functions, and users can call them to access the data and functions of the Linux kernel, which are called system calls by the system call Interface (SCI).

The difference between a system call and a normal function:

System calls are very similar to normal function calls, except that system calls are implemented by the operating system kernel and run in the kernel state, while normal function calls are provided by the library or the user itself and run in the user state.

Number of system calls:

In the 2.6.32 kernel, there are total system calls of 365, which can be found in arch/arm/include/asm/unistd.h.

/* This file contains the system call numbers */

#define __nr_restart_syscall (__nr_syscall_base+ 0)
#define __NR_EXIT (__nr_syscall_base+ 1)
#define __nr_fork (__nr_syscall_base+ 2)
......

#define __NR_PREADV(__nr_syscall_base+361)
#define __NR_PWRITEV (__nr_syscall_base+362)
#define __nr_rt_tgsigqueueinfo (__nr_syscall_base+363)
#define __nr_perf_event_open (__nr_syscall_base+364)

Function of system call:

Mainly divided into 3 categories:

(1) Process Control class

Fork to create a child process

Clone creates child processes with specified criteria

Execve running an executable file

...

(2) File control operation

Fcntl file Control

Open File

Read reading files

...

(3) System control

IOCTL I/O total control function

Reboot restart

-sysctl reading and writing system parameters

...

Examples of using system call functions:

The following is the number of seconds from 0:00 GMT January 1, 1970 to the present by the time function system call.

#include <time.h>
Main ()
{
time_t T_time;
T_time=time ((time_t *) 0); /* Call time system call */
printf ("The Time is%ld\n", t_time);
}

How system calls Work:

In general, a user process cannot access the kernel. It can neither access the memory space where the kernel resides, nor can it call functions in the kernel. System
The system call is an exception. The principle is (1) The process first fills the register with the appropriate values, (2) then calls a special instruction, (3) This instruction will let the user program jump to a pre-defined kernel in a position. (4) the fixed kernel location that the process can jump to. This procedure checks the system call number, which tells the kernel process which service to request. It then looks at the system call table (Sys_call_table) to find the calling kernel function entry address. Next, call the function, wait for the return, do some system checks, and finally return to the process.

Overview of how it works:

(1) The appropriate value

All the appropriate values can be found in include/asm/unistd.h, which specifies a unique number for each system call in this file, called the system call number.

#define __NR_UTIMENSAT(__nr_syscall_base+348)
#define __NR_SIGNALFD (__nr_syscall_base+349)
#define __nr_timerfd_create (__nr_syscall_base+350)
#define __NR_EVENTFD (__nr_syscall_base+351)
#define __nr_fallocate (__nr_syscall_base+352)

Each of these macros is a system call number.

(2) Special instructions

In the Intel CPU, this instruction is implemented by the interrupt 0x80

In arm, this command is SWI (Softwhere interrupt: Soft interrupt instruction) and is now renamed as Svc

(3) Fixed position

The fixed location of each CPU is not the same, in the ARM system this fixed kernel location is entry (VECTOR_SWI) (in Arch\sh\kernel\Entry-common. S), i.e. the PC pointer will jump to this position

(4) The corresponding function

The kernel finds the appropriate kernel function from the system call table Sys_call_table, based on the system call number passed by the application.

Call (Sys_restart_syscall)

Call (Sys_exit)

Call (Sys_fork_wrapper)

Instance:

Working principle (Application): The following is a general flow from the user open call to the entry address of the specific system call function found in the kernel

#define __SYSCALL (name) "swi\t" __nr_# #name "\n\t"
int open (const char * pathname, int flags)
{
。。。。。。
__syscall (open);
。。。。。。
}
Translates to
int open (const char * pathname, int flags)
{
。。。。。。
Swi\t __nr_open//#define __nr_open (__nr_syscall_base+ 5)
。。。。。。
}

Kernel entry

/* Arch/arm/kernel/entry-common. S */
ENTRY (VECTOR_SWI)
...... ...... ...... ......
ADR TBL, sys_call_table @ load syscall table pointer
...... ...... ...... ......
LDRCC pc, [TBL, Scno, LSL #2] @ call sys_* Routine
...... ...... ...... ......
ENTRY (sys_call_table)

#include "calls. S

/* Arch/arm/kernel/calls. S */
/* 0 */Call (Sys_restart_syscall)
Call (Sys_exit)
Call (Sys_fork_wrapper)
Call (Sys_read)
Call (Sys_write)
/* 5 */Call (Sys_open)
........................................................................
Call (SYS_DUP3)
Call (Sys_pipe2)
/* */call (SYS_INOTIFY_INIT1)

Linux system calls