How System Calls Works

How System Calls are Executed in x86:

As we said, system calls are kernel functions. User space applications cannot access system calls directly. We need a way to switch to the kernel space and to execute the system call and get the return value of the system call. This is where software-generated interrupts are used. A vector in the interrupt descriptor table (IDT) is used to invoke the system call. Only one vector is allocated for the system calls. But, how are more than one system calls invoked with one vector?. There will be a generic function (you can say an ISR) which will multiplex the all other system calls. That means when an interrupt (software interrupt using INT instruction) is raised on this vector, the generic function will be called and a system call number is passed as an argument to this function.

This generic function uses this system call number as an index into the sys_call_table array and gets the address (function pointer) of the system call and invokes that system call. Interrupt vector used for the system call is 0x80(128), interrupt descriptor table's 128thentry. 128th entry in the IDT table is filled( in the trap_init(), arch/x86/kernel/traps.c) with the address of system_call() function. system_call() is defined in arch/x86/kernel/entry_32.S.

How System Calls are Executed On ARM:

In case of x86, interrupt vector 0x80 is used to invoke system call. An Exception is used to invoke system calls in case of ARM . The ARM architecture supports seven types of exceptions. When an exception occurs, execution is forced from a fixed memory address corresponding to the type of exception. These fixed addresses are called the exception vectors. These vectors are same as the vectors of x86 interrupt descriptor table.

One of the seven exceptions is the software interrupt exception. Address of the function to be executed when this exception is raised is stored at the physical address 0x00000008. The Software Interrupt instruction (SWI) is used to generate the software interrupt exception. Linux uses this vector to invoke the system calls. When this exception is generated a function, vector_swi(), is called. vector_swi() is defined in <arch/arm/kernel/entry-common.S>. vector_swi() gets the system call number in the R7 general-purpose register and finds the system call address in the sys_call_table and invokes it. Registers R0-R6 are used to send arguments to the system calls.