This post covers pretty much all the main points you need to know about system calls in Linux. These points are my notes, collected from many blogs and sites while studying the topic. So let's start:
What is a System Call?
- Linux doesn't allow a user process to directly modify anything in kernel space, so it provides a controlled way to request such work, known as a system call. A system call is the layer between the kernel and a user space process: through it, the kernel performs the user process's task inside kernel space. This way the kernel keeps control over what a user process can do.
Why do you need a System Call?
- Since a system call is the only legal entry point into the kernel, and you sometimes need information or actions that are only possible with kernel privileges, kernel developers provide system calls for them. User space generally does not invoke them directly; it uses an API (a library wrapper) for the same purpose.
So the flow goes like this:
read() ----> read() wrapper ------> system_call() ------> sys_read()
Here the first two steps are in user space and the last two are in kernel space.
How do they work?
- The application program calls the API.
- A system library routine is called first.
- It converts the call to the kernel's calling convention and traps into the kernel.
- Control is taken by the kernel, running in system mode.
- Based on the system call number, the call dispatcher invokes the responsible handler.
- Interrupts are disabled during this handler.
- After the call finishes, the mode is changed from system mode back to user mode and the calling process resumes execution.
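To see the read() flow above from user space, here is an added example (not code from the original post). It sends a constructed message through a pipe and reads it back twice: once through the ordinary libc read() wrapper and once through libc's generic syscall(2) entry with the SYS_read number from <sys/syscall.h>. Both paths end in the kernel's sys_read; the wrapper's job is to place the arguments, issue the trap, and turn the kernel's negative error code into -1 plus errno, which the bad-descriptor case shows. The function names are this example's own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

// Read up to len bytes from fd through the ordinary libc wrapper read().
// Returns the byte count, or -1 with errno set.
ssize_t read_via_wrapper(int fd, char *buf, size_t len) {
    return read(fd, buf, len);
}

// Same request, but supplying the system call number ourselves through
// libc's generic syscall(2) entry. SYS_read is defined per architecture in
// <sys/syscall.h>, so the number matches whatever this is compiled on.
ssize_t read_via_raw_number(int fd, char *buf, size_t len) {
    return syscall(SYS_read, fd, buf, len);
}

// Push a constructed message through a pipe and read it back both ways.
// Returns 1 if both paths deliver the same bytes, 0 otherwise.
int both_paths_agree(void) {
    const char msg[] = "hello from user space"; // constructed sample input
    int fds[2];
    if (pipe(fds) == -1) return 0;
    // Write the message twice so each reader gets its own full copy
    if (write(fds[1], msg, sizeof msg) != (ssize_t)sizeof msg) return 0;
    if (write(fds[1], msg, sizeof msg) != (ssize_t)sizeof msg) return 0;
    char a[64] = {0}, b[64] = {0};
    ssize_t n1 = read_via_wrapper(fds[0], a, sizeof msg);
    ssize_t n2 = read_via_raw_number(fds[0], b, sizeof msg);
    close(fds[0]);
    close(fds[1]);
    return n1 == (ssize_t)sizeof msg && n2 == n1 && memcmp(a, b, sizeof msg) == 0;
}

// The kernel rejects an invalid descriptor with -EBADF; the wrapper reports
// that as a return value of -1 with errno == EBADF. Returns the errno seen,
// or 0 if the call unexpectedly succeeded.
int errno_for_bad_fd(void) {
    char buf[8];
    errno = 0;
    if (read_via_wrapper(-1, buf, sizeof buf) != -1) return 0;
    return errno;
}

int main(void) {
    printf("both paths agree: %d\n", both_paths_agree());
    printf("errno for bad fd: %d (EBADF = %d)\n", errno_for_bad_fd(), EBADF);
    return 0;
}
```

Run it under strace and both reads show up as the same read(2) line in the trace; the difference between the two functions exists only in user space.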
How does it work at the low level?
- Whenever you invoke a system call, it is translated into an SWI (software interrupt) instruction.
- When the processor sees the SWI, it interrupts whatever is currently running (except IRQ/FIQ) and switches to supervisor mode (SVC).
- The parameters of the system call are passed in registers.
- The PC is also stored in the LR of SVC mode and the CPSR is saved in SPSR_svc, so that the previous state can be restored when returning from the SWI.
- On executing the SWI, the processor looks up the SWI handler address, which is already defined in the vector table.
- From this SWI handler, the processor jumps to the specific system call handler; the system call number is used to select the corresponding handler.
- Once the system call handler finishes, the processor changes the mode back to user and restores the PC from the LR.
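The dispatch step in the list above (number arrives in a register, handler selected from a table) is easy to model in user space. The following is an added educational model, not kernel code: the table, the handler names and the struct-free calling convention are all constructed here. It shows the two conventions that matter on both sides of the boundary: the dispatcher must bounds-check the number, which comes from user space, before indexing the table (returning -ENOSYS otherwise), and handlers report failure as a negative errno value, which the user-space wrapper then maps to -1 plus errno.

```c
#include <errno.h>
#include <stdio.h>

#define NR_SYSCALLS 3
typedef long (*syscall_fn)(long a0, long a1, long a2);

// Stand-ins for sys_* handlers (constructed). A real handler returns a
// result on success or a negative errno value on failure.
static long model_getpid(long a0, long a1, long a2) { (void)a0; (void)a1; (void)a2; return 4242; }
static long model_add(long a0, long a1, long a2) { (void)a2; return a0 + a1; }
static long model_write(long fd, long buf, long len) {
    (void)buf;
    if (fd < 0) return -EBADF;   // kernel convention: negative errno
    return len;                  // pretend every byte was written
}

// The model's sys_call_table: the index is the system call number.
static const syscall_fn sys_call_table[NR_SYSCALLS] = {
    model_getpid, model_add, model_write,
};

// The dispatcher. The number is untrusted input from user space, so it is
// checked against the table size before being used as an index; anything
// out of range gets -ENOSYS instead of a jump through stale memory.
long dispatch(long nr, long a0, long a1, long a2) {
    if (nr < 0 || nr >= NR_SYSCALLS) return -ENOSYS;
    return sys_call_table[nr](a0, a1, a2);
}

// What the user-space library wrapper does with the kernel's raw return:
// values in the range -4095..-1 are error codes and become -1 plus errno
// (the same threshold the libc wrappers use); anything else is the result.
long wrapper(long nr, long a0, long a1, long a2, int *err_out) {
    long r = dispatch(nr, a0, a1, a2);
    if (r < 0 && r > -4096) { *err_out = (int)-r; return -1; }
    *err_out = 0;
    return r;
}

int main(void) {
    int err;
    printf("nr 0  -> %ld\n", dispatch(0, 0, 0, 0));
    printf("nr 99 -> %ld (ENOSYS = %d)\n", dispatch(99, 0, 0, 0), ENOSYS);
    long r = wrapper(2, -1, 0, 10, &err);
    printf("write on bad fd -> %ld, errno %d (EBADF = %d)\n", r, err, EBADF);
    return 0;
}
```

The bounds check is the whole point of the model: the table is indexed by a value the calling process chose, so the comparison against the table size is the only thing standing between a bogus number and an arbitrary indirect call.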
Types of System Call:
- Process control and IPC: fork(), exec(), pipe()
- Memory Management: malloc(), free()
- File and File System management: open(), read(), write()
- Device Management: ioctl()
- Others: kill(), signal()
Implementation of System Call:
For this you can refer to my previous blog on creating a system call.