Three-tier mechanism (on) Chapter IV-system calls
This chapter focuses on how the user programs that trigger system call?
First, the user, kernel, interrupts
IntelX86 There are four different levels of execution. Linux operating system using only one of the two privilege levels 0 and 3, corresponding to the kernel mode and user mode.
Significant distinction method for a user mode and kernel mode is the CS: EIP point range, CS when the kernel mode: EIP values may be any address. But in user mode can only access the address space 0x00000000 ~ 0xbfffffff. That is above 0xc0000000 address space accessible only in kernel mode.
The system is also a call to interrupt (interrupt processing is the main way into the kernel mode from user mode).
Enter and kernel mode is triggered interrupts, hardware interrupts may be, it may be Trap.
int instruction triggers an interrupt mechanism saves the user mode stack top address, then the status word, then CS: EIP's value.
The first thing after the interruption occurs preserve the scene just started SAVE_ALL , interrupted last thing before the end of the treatment is to restore the site will be executed restore_all and IRET .
Second, the system calls Overview
Significance of system calls to interact with the operating system provides a set of interfaces for user mode processes and hardware devices.
An API may correspond to only a system call may also be a plurality of internal system call, the system call may also be a plurality of API calls.
System call three mechanisms are xyz (), system_call, sys_xyz ( ).
By calling the kernel to distinguish a number for each system, i.e., system calls, the API function XYZ () system call kernel function sys_xyz () linked up.
EAX system call number for delivery.
When Parameter passing sequentially assigned to EBX, ECX, EDX, ESI, EDI, EBP. If the parameter over 6, put a pointer to a register as a memory, so more parameters can be passed through the memory.
Application system call (API) and system knowledge with different API calls function definition. System call is issued to the kernel through the soft interrupt request.
Third, experiment
Use the library functions trigger rename system call API
- code show as below:
#include<stdio.h>
int main()
{
int ret;
char *oldname="hello.c";
char *newname="newhello.c";
ret = rename(oldname,newname);
if(ret == 0)
printf("Renamed successfully\n");
else
printf("Unable to rename the file\n");
return 0;
}result:
Embedded assembly code to trigger rename system call
Assembly language code:
#include<stdio.h>
int main()
{
int ret;
char *oldname="hello.c";
char *newname="newhello.c";
asm volatile(
"movl %2,%%ecx\n\t"
"movl %1,%%ebx\n\t"
"movl $0x26,%%eax\n\t"
"int $0x86\n\t"
"movl %%eax,%0"
:"=m"(ret)
:"b"(oldname),"c"(newname)
);
if(ret == 0)
printf("Renamed successfully\n");
else
printf("Unable to rename the file\n");
return 0;
}Successfully changed newhello.c
