system-calls

I study the Linux Kernel and found out that for x86_64 architecture the interrupt int 0x80 doesn't work as calling for system call. The question is: in case of x86 architecture what is more preferable syscall or int 0x80 and why? EDIT : I use the kernel 3.4 syscall is default way of entering kernel mode on x86-64 . This instruction is not available in 32 bit modes of operation on Intel processors . sysenter is an instruction most frequently used to invoke system calls in 32 bit modes of operation. It is similar to syscall , a bit more difficult to use though, but that is kernel's concern. int

I'm trying to allocate some memory in linux with sys_brk syscall. Here is what I tried: BYTES_TO_ALLOCATE equ 0x08 section .text global _start _start: mov rax, 12 mov rdi, BYTES_TO_ALLOCATE syscall mov rax, 60 syscall The thing is as per linux calling convention I expected the return value to be in rax register (pointer to the allocated memory). I ran this in gdb and after making sys_brk syscall I noticed the following register contents Before syscall rax 0xc 12 rbx 0x0 0 rcx 0x0 0 rdx 0x0 0 rsi 0x0 0 rdi 0x8 8 After syscall rax 0x401000 4198400 rbx 0x0 0 rcx 0x40008c 4194444 ; <---- What does

I was experimenting and have the following assembly code, which works very well, except that I get a "Segmentation fault (core dumped)" message right before my program ends: GLOBAL _start %define ___STDIN 0 %define ___STDOUT 1 %define ___SYSCALL_WRITE 0x04 segment .data segment .rodata L1 db "hello World", 10, 0 segment .bss segment .text _start: mov eax, ___SYSCALL_WRITE mov ebx, ___STDOUT mov ecx, L1 mov edx, 13 int 0x80 It doesn't matter whether or not I have ret at the end; I still get the message. What's the problem? I'm using x86 and nasm. As n.m. said in the comments, the issue is that

How can we implement the system call using sysenter/syscall directly in x86 Linux? Can anybody provide help? It would be even better if you can also show the code for amd64 platform. I know in x86, we can use __asm__( " movl $1, %eax \n" " movl $0, %ebx \n" " call *%gs:0x10 \n" ); to route to sysenter indirectly. But how can we code using sysenter/syscall directly to issue a system call? I find some material http://damocles.blogbus.com/tag/sysenter/ . But still find it difficult to figure out. I'm going to show you how to execute system calls by writing a program that writes Hello World! to

I read some paragraphs in LKD 1 and I just cannot understand the contents below: Accessing the System Call from User-Space Generally, the C library provides support for system calls. User applications can pull in function prototypes from the standard headers and link with the C library to use your system call (or the library routine that, in turn, uses your syscall call). If you just wrote the system call, however, it is doubtful that glibc already supports it! Thankfully, Linux provides a set of macros for wrapping access to system calls. It sets up the register contents and issues the trap