7

I know that the system calls are not in the C standard Library. Is there any library (some sort of a system library) where the system calls are?

If there is such a library how is this library linked to the executable program?

3 Answers3

3

A system call can work in a few different ways, depending on the target architecture, but in any case, it is not a library call. It is a way for a running user-space program to call some functionality in the kernel.

In very old systems, this typically meant to jump directly to some address where this kernel function starts. Later, kernels introduced "jump tables" adding a layer of indirection, so the addresses don't have to change when the kernel was changed. This simple approach doesn't work any more for a long time (and linux never used it) because nowadays, user-space programs run in some "protected" mode that restricts what they can do and lets them run in virtual address space, thus protecting the system from crashing, just because one user-space program is erroneous.

So new methods are needed that put the CPU in a mode allowing any code (privileged mode) and still making sure control is passed to the kernel only, so no other code can accidentally run in privileged mode. On x86, this was typically done using an int instruction that triggers a soft interrupt and the kernel handled that interrupt. On amd64, there is a special syscall instruction for entering the kernel.

In any case, C doesn't know about syscalls. You can't directly issue a syscall in C (but you can with inline assembly, if you know your target architecture). The C library on Linux includes a lot of functions that are just tiny wrappers around actual syscalls, so you can use them from C directly.

Although not in the scope of the question: Contrary to Linux, Windows hides syscalls to an extent that they aren't even documented and subject to change any time. On Windows, you're supposed to only use the system libraries (like user32.dll) for your application software.

1

A system call (listed in syscalls(2)) is mostly interpreted by the linux kernel. The C library just contains the glue code to interface to the kernel. From the application (user-land) point of view, a system call is atomic and is nearly a single machine code instruction (SYSCALL or SYSENTER on x86-64). The ABI used to invoke system calls is not the C ABI. See also Linux Assembler HowTo and x86-64 ABI. Use strace(1) to understand what system calls are done by some command or process.

Read about operating systems, system calls, linux kernel.

A SYSENTER (or SYSCALL) machine instruction switches the CPU mode from user-mode to kernel-mode. The kernel then run many (millions) of machine instructions in privileged [kernel] mode, and finally would execute a SYSEXIT (or SYSRETURN) machine instruction to return back to user-mode. The kernel could even schedule another task. So from the application's point of view, a system call is a kind of elementary virtual machine instruction; the application code just "sees" a very complex machine instruction doing an entire system call, and that illusion is provided by the kernel.

See also this answer to a related question.

(You could avoid the libc by directly doing syscalls in assembler; Bones is an example of such program; but almost all programs on Linux are using some libc).

Read also vdso(7), ld-linux(8), elf(5).

Basile Starynkevitch
  • 223,805
  • 18
  • 296
  • 547
  • thank you for the detailed answer. However this is still confusing to me. I thought that assembly code contains instructions that are run directly on the processor and that the commands in assembly are instructions from the Instruction Set Architecture of the specific architecture. I do not understand now the link between the kernel system calls and the assembly commands which until now I thought are commands that are found on the ISA of the processor (ADD, LOAD, etc) –  Oct 09 '17 at 13:33
  • Command is not the right word. It would be machine code operation. – Basile Starynkevitch Oct 09 '17 at 13:47
  • Ok but a machine code operation is an operation that can be executed by the CPU microcode. How can a code operation call a complex Linux Kernel System Call? –  Oct 09 '17 at 13:53
  • The application code see something different than the kernel – Basile Starynkevitch Oct 09 '17 at 13:53
  • Now I really got confused. What does the application code and kernel have to do with the fact that assembly instructions are executed by the CPU microcode? –  Oct 09 '17 at 13:55
  • Did I mention CPU microcode? And why do you care about it? You can't even detect that it is existing! – Basile Starynkevitch Oct 09 '17 at 13:55
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/156275/discussion-between-basile-starynkevitch-and-jennifer-anderson). – Basile Starynkevitch Oct 09 '17 at 13:57
0

The library is the standard C library (libc). This is normally glibc but some embedded linuxes will use musl and Android uses bionic.

Linux as a platform is fairly unique in that the kernel/user interface is rather stable so different c libraries can be used.

libc library will be linked in automatically as a shared library by your toolchain unless you tell it not to.

doron
  • 27,972
  • 12
  • 65
  • 103
  • but how does the object code of the glibc know how to make system calls? If glibc can make system calls internally, can my program do this also directly, without linking the standard library the glibc? –  Oct 09 '17 at 12:42
  • @JenniferAnderson the answer to your comment is yes, Basile's answer has some links while my answer attempts to explain the general concept. –  Oct 09 '17 at 13:21
  • @doron: This answer is wrong although it means the correct thing. OP already stated "*I know that the system calls are not in the C standard Library.*" and indeed, the answer would be "there is no such library" because a syscall is not a library call. –  Oct 09 '17 at 13:22