Tuesday, 21 July 2015

The concept of Assembly - System calls!

What are system calls?
System calls are the APIs that form the interface between user space and kernel space. A typical example is the "read()" system call, which reads data from a file through its file descriptor. The data is stored on the hard disk, and the user process reads it from the device or file through the read system call. So, the interface between an application program and the operating system is through system calls.
Let's understand system calls in detail:
The operating system is responsible for process management (starting, running, and stopping processes); file management (creating, opening, closing, reading, writing, and renaming files); memory management (allocating and deallocating memory); and other tasks such as timing, scheduling, and network management. An application program makes a system call to get the operating system to perform a service for it, like reading from or writing to a file.

HOW A SYSTEM CALL WORKS:-
Linux has two modes of operation: kernel mode and user mode. System calls are the interface given to a user-mode process to access the kernel. When a user-mode process invokes a system call, the CPU switches from user mode to kernel mode and starts executing kernel functions. In Linux, system calls are invoked using the "int 0x80" assembly language instruction.

You can make use of Linux system calls in your assembly programs. Take the following steps to use a Linux system call in your program:
1. Place the system call number in EAX.
2. Store the arguments to the system call in the registers EBX, ECX, etc.
3. Invoke int 0x80.
4. Some system calls return information or a result, usually in EAX.

There are six registers that are used for the arguments that the system call takes. The first argument goes in EBX, the second in ECX, then EDX, ESI, EDI, and finally EBP, if there are that many. If there are more than six arguments, EBX must contain the memory location where the list of arguments is stored, but don't worry about this because it's unlikely that you'll use a syscall with more than six arguments. Remember that %eax holds the system call number, and that return values and error codes are also stored in %eax.
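
The four steps and the register convention above, as an added example that is not from the original post: a 32-bit program in GNU assembler (AT&T) syntax that calls write and then exit through int 0x80 and checks the result returned in %eax. The syscall numbers 4 (write) and 1 (exit) are the i386 values from unistd.h; the message text, the labels and the build commands are assumptions of this example.

```asm
# Added example: write() then exit() through int 0x80 on 32-bit x86 Linux.
# Build (assumed file name hello.s):
#   as --32 hello.s -o hello.o && ld -m elf_i386 hello.o -o hello

.section .data
msg:
    .ascii "hello from int 0x80\n"
    .set msg_len, . - msg          # length of msg, computed by the assembler

.section .text
.globl _start
_start:
    # Step 1: system call number in EAX (4 = write on i386)
    movl $4, %eax
    # Step 2: arguments in EBX, ECX, EDX, in order
    movl $1, %ebx                  # 1st argument: file descriptor 1 (stdout)
    movl $msg, %ecx                # 2nd argument: address of the buffer
    movl $msg_len, %edx            # 3rd argument: number of bytes to write
    # Step 3: switch to kernel mode
    int  $0x80

    # Step 4: the result comes back in EAX. For write it is the number of
    # bytes written; on failure the kernel returns a negative error code.
    cmpl $0, %eax
    jl   failed                    # negative value: the call failed
    cmpl $msg_len, %eax
    jne  failed                    # fewer bytes written than requested
    movl $0, %ebx                  # exit status 0: success
    jmp  quit

failed:
    movl $1, %ebx                  # exit status 1: write failed or was short

quit:
    movl $1, %eax                  # system call number 1 = exit
    int  $0x80                     # EBX already holds the exit status
```

Running `./hello; echo $?` prints the message and then 0. Running it with standard output closed (`./hello >&-; echo $?`) makes write return a negative value, so the exit status is 1.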

DIFFERENT TYPES OF SYSTEM CALLS:
System calls can be classified into seven groups depending on how many arguments they take. A system call can pass as many as six arguments. All the syscalls are listed in /usr/include/asm/unistd.h, together with their numbers (the value to put in EAX before you call int 80h).

Important System Calls: There are hundreds of system calls in Linux. The following figure shows some of the important system calls:

A more complete listing of system calls, along with additional information, is available at: http://syscalls.kernelgrok.com/
For information on how system calls are implemented on Linux, see the Linux Kernel 2.4 Internals section on how system calls are implemented at http://www.faqs.org/docs/kernel_2_4/lki-2.html#ss2.11

Reference: Programming from the Ground Up.

If you like this post or have any question, please feel free to comment!
