looking for a detailed document on Linux System calls

Question

I would like to write my own libc library for x86 Linux for learning purpose. For that, I'd need to call Linux System call in assembly level language. I know how to make system call in assembly on Linux. However, I need to have the complete information on Linux System calls.

I am looking for a detailed document on Linux System call like inputs and output for each system calls. Can anyone please provide me URL/PDF for Linux system call.

For example, for 'sys_socketcall' call, register AX = 102, BX should contain call number for method like create/bind and CX should contain a pointer to 'unsigned long'. Here, I need more information on third parameter (CX).

Answer 1

The socketcall system call is a special case, so don't rely on this one to learn the general format. Furthermore, it only exist on x86-32, and other platforms use separate system calls for each functions/procedures of the socket operations (with these platforms, there is no socketcall, but socket, bind, and so on).

For the special case which is socketcall: it expects __NR_socketcall in eax, the sub‑function (ex SYS_SOCKET, SYS_BIND, etc) number in ebx and the address of the other arguments in ecx. You will have to store an array of as an example, 3 words for the socket operation (creating a socket), store the family in my_array[0], the type in my_array[1], and the protocol (usually 0) in my_array[2], the pass the address of my_array to ecx (you don't pass the number of element in my_array in any explicit way, it's implied by the socket sub‑function you call).

You may like these documents:

• sys socketcall: Network systems calls on Linux [PDF]. Daniel Noé, 2008.
• INET Sockets Tour: Where is the roots of socket()? . 2002.

Now, for other system calls, which are not the socketcall exception, you just have to get the reference of the correspoding POSIX function (see reference), or of the corresponding description of the function from man(2) (man(2) is section of the manual pages, which is dedicated to the system calls), which you may find as an example, here: man-pages section 2. Then, you have to note the order of the arguments. You will pass the system call number in eax, then all other arguments in the same order as described by either man(2) or POSIX, to, in order, ebx, ecx, edx, esi, edi, ebp (up to six arguments). The status/result is returned in eax.

Note the above applies to Linux on Intel architecture only (you guess other processors have other registers), and also note the system call numbers differs between x86-32 and x86-64.

Answer 2

The best source of information on linux kernel is, surprisingly, its source: https://github.com/torvalds/linux/blob/master/include/linux/syscalls.h should contain the needed call definition.

The source of the call itself: http://lxr.free-electrons.com/source/net/socket.c#L2366, here you can see how the parameters are handled.

To quickly grep linux source on the net, you can use LXR: http://lxr.free-electrons.com/ident?i=sys_socketcall.

Answer 3

• http://www.4shared.com/office/2hhz1YtL/LINUX_System_Call_Quick_Refere.html
• http://seesee.pbworks.com/f/linux.pdf
• http://richard.esplins.org/static/downloads/linux_book.pdf