I'm trying to implement a syscall in Linux (RedHat Enterprise 8) and I'm a bit confused about the way it works. From what I understand, I implement a wrapper in user mode which puts the syscall number in eax and parameters in ebx, ecx, edx, etc, and then invokes int 0x80 which calls the appropriate syscall. My question is, since a syscall is written like a regular C function, how does it know what registers contain what parameters? Is it a convention, or is there a mechanism for it, and if so where and how does it do it?
EDIT: This is a homework assignment. I know that there are syscall macros that can do this stuff for me.
From the Linux Journal article, bottom of page 2
Since the system call interface is exclusively register-parametered, six parameters at most can be used with a single system call. %eax is the syscall number; %ebx, %ecx, %edx, %esi, %edi and %ebp are the six generic registers used as param0-5; and %esp cannot be used because it's overwritten by the kernel when it enters ring 0 (i.e., kernel mode).
Your C code may look like it's making a system call, but it actually calls a function in libc. That function makes sure that all the arguments are in the right registers, and then does the interrupt.
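The register loading that the libc wrapper performs, written out as an added example (not code from the question or the answers). The helper name raw_syscall3 is hypothetical; the i386 branch follows the convention quoted above, and the x86-64 and fallback branches go beyond the page so the file also builds as a 64-bit program.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stdio.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Hypothetical helper: put the number and three arguments where the kernel looks. */
static long raw_syscall3(long nr, long a0, long a1, long a2)
{
    long ret;
#if defined(__i386__)
    /* Quoted convention: eax = number, ebx/ecx/edx = param0-2, result in eax. */
    __asm__ volatile ("int $0x80"
                      : "=a"(ret) : "a"(nr), "b"(a0), "c"(a1), "d"(a2) : "memory");
#elif defined(__x86_64__)
    /* 64-bit mapping: rax = number, rdi/rsi/rdx = param0-2; rcx and r11 are clobbered. */
    __asm__ volatile ("syscall"
                      : "=a"(ret) : "a"(nr), "D"(a0), "S"(a1), "d"(a2)
                      : "rcx", "r11", "memory");
#else
    /* Other architectures: libc's generic wrapper loads the registers (errors via errno). */
    ret = syscall(nr, a0, a1, a2);
#endif
    return ret;
}

/* Returns 1 when the raw call and libc's getpid() report the same process id. */
int raw_getpid_matches(void)
{
    return raw_syscall3(SYS_getpid, 0, 0, 0) == (long)getpid();
}

/* Writes msg into a fresh pipe through the raw wrapper; returns the kernel's byte count. */
long raw_write_to_pipe(const char *msg, unsigned long len)
{
    int fds[2];
    if (pipe(fds) != 0) return -1;
    long n = raw_syscall3(SYS_write, fds[1], (long)msg, (long)len);
    close(fds[0]);
    close(fds[1]);
    return n;
}

int main(void)
{
    printf("getpid matches libc: %d\n", raw_getpid_matches());
    printf("bytes written: %ld\n", raw_write_to_pipe("hello\n", 6));
    return 0;
}
```

The kernel side needs no per-call negotiation: its entry code saves these registers in a fixed order, so the handler selected by the syscall number receives them as ordinary C arguments.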