syscall to userland interface

Mateusz Guzik mjguzik at gmail.com
Sat May 11 08:58:10 UTC 2013


On Sat, May 11, 2013 at 09:23:31AM +0100, Karl Dreger wrote:
> What my question boils down to is this: when running fork and friends
> from userland they are invoked as:
>
> fork();, open();, read();, close(); ...
>
> but are defined as:
>
> sys_fork(), sys_open(), sys_read(), sys_close(), ...
>
> in their actual C definition.

sys_* are symbols visible only in the kernel, and as such their names
or existence are not visible from userspace.

The kernel has a syscall table - each syscall has an entry in the table at
a specified offset (syscall number) with a pointer to the function
implementing the given syscall.

Userspace knows syscall numbers.

So the common thing for both userspace and kernel is the syscall number; it
has nothing to do with names.

Here is an example of how a syscall worked on i386:
- you put the syscall number in the eax register
- you call the kernel by issuing int 80h
- the handler in the kernel takes the number from eax, looks up the appropriate
  function from the syscall table and calls that function

Here is an example:
http://www.freebsd.org/doc/en/books/developers-handbook/x86-system-calls.html

e.g. fork has number 2.
So, what the userspace fork function does is simply tell the kernel to
execute syscall number 2. It is not important how the function implementing
this syscall is named; it could be "foobarbecausewhynot".

I hope this clears things up.
-- 
Mateusz Guzik <mjguzik gmail.com>
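
The number-based dispatch described in the reply above, as an added example that is not part of the original post and is not FreeBSD kernel code. It is a userland model: `struct toy_regs`, `toy_sysent`, `toy_trap`, `toy_fork` and `toy_sys_double` are hypothetical names, and the handler checks the caller-supplied number before indexing the table.

```c
/* Added illustration: userland model of syscall dispatch by number.
 * Every toy_* name is hypothetical; this is not FreeBSD kernel source. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* What the trap handler sees: the number from "eax" plus one argument. */
struct toy_regs { long eax; long arg0; };
typedef long (*toy_sysent_t)(struct toy_regs *);

/* "Kernel-side" implementations. The caller never learns these names. */
static long foobarbecausewhynot(struct toy_regs *r) { (void)r; return 4242; }
static long toy_sys_double(struct toy_regs *r) { return r->arg0 * 2; }

/* Slot index == syscall number. Slot 2 mirrors "fork has number 2";
 * slots 0 and 1 are left empty (NULL) on purpose. */
static const toy_sysent_t toy_sysent[] = {
    [2] = foobarbecausewhynot,
    [3] = toy_sys_double,
};
#define TOY_NSYSENT (sizeof(toy_sysent) / sizeof(toy_sysent[0]))

/* Stand-in for the int 80h handler: the number is caller-controlled,
 * so it is range-checked before it is used as a table index. */
long toy_trap(struct toy_regs *r)
{
    if (r->eax < 0 || (size_t)r->eax >= TOY_NSYSENT)
        return -ENOSYS;          /* unchecked, this would index outside the table */
    if (toy_sysent[r->eax] == NULL)
        return -ENOSYS;          /* number in range but nothing implemented */
    return toy_sysent[r->eax](r);
}

/* "Userland" wrapper: like fork(), it only knows the number 2. */
long toy_fork(void)
{
    struct toy_regs r = { 2, 0 };
    return toy_trap(&r);
}

int main(void)
{
    struct toy_regs bad = { 99, 0 };
    printf("toy_fork -> %ld, number 99 -> %ld\n", toy_fork(), toy_trap(&bad));
    return 0;
}
```
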

