MN> Can someone explain how a system call works -- on both the
MN> user and the kernel side?
The user syscall is built form
_syscallN(...)
where N is the number of args (0 to 5) you want to send to the kernel.
This is a macro that creates the actual syscall (on the user side).
The code for the syscall puts the args in ebx,ecx,edx,esi,edi, sets
eax to the syscall number and then performs an int 0x80. This
instruction cause a switch to supervisor mode.
The _system_call code handles this trap. It first dumps the registers
on the stack, perform a few checks and then issue the syscall as such.
The address for the syscall routine is fetched from a syscall table.
Since the args a passed in the registers, no copying between the user
stack and the kernel stack is necessary. Moreover, since the
registers are dumped on the stack, they appear to the syscall code as
normal arguments.
Upon return, the kernel code reschedules the thread if necessary,
checks for signals, does a few other things I don't remember, then
restores the registers and returns to user mode.
Does it answer your question?
ldd