System call

This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "System call" – news · newspapers · books · scholar · JSTOR (July 2008) (Learn how and when to remove this message)

In computing, a system call is the mechanism by which a program requests a service from an operating system's kernel.

A system call is a request made by any program to the operating system for performing tasks—picked from a predefined set—which the said program does not have required permissions to execute in its own flow of execution. System calls provide the interface between a process and the operating system. Most operations interacting with the system require permissions not available to a user level process, e.g. I/O performed with a device present on the system, or any form of communication with other processes requires the use of system calls.

The fact that improper use of the system call can easily cause a system crash necessitates some level of control. The design of the microprocessor architecture on practically all modern systems (except some embedded systems) offers a series of privilege levels -- the (low) privilege level in which normal applications execute limits the address space of the program so that it cannot access or modify other running applications nor the operating system itself. It also prevents the application from directly using devices (e.g. the frame buffer or network devices). But obviously many normal applications need these abilities; therefore, pre-defined system calls are made available by the operating system. The operating system executes at the highest level of privilege, and allows applications to request services via system calls, which are often implemented through interrupts. If allowed, the system enters a higher privilege level, executes a specific set of instructions over which the interrupting program has no direct control, returns to the calling application's privilege level, then returns control to the calling application. This concept also serves as a way to implement security.

With the development of separate operating modes with varying levels of privilege, a mechanism was needed for transferring control safely from lesser privileged modes to higher privileged modes. Less privileged code could not simply transfer control to more privileged code at any point and with any processor state. To allow it to do so would allow it to break security. For instance, the less privileged code could cause the higher privileged code to execute in the wrong order, or provide it with a bad stack.

Generally, systems provide a library that sits between normal programs and the operating system, usually an implementation of the C library (libc), such as glibc. This library exists between the OS and the application, and increases portability.

On exokernel based systems, the library is especially important as an intermediary. On exokernels, libraries shield user applications from the very low level kernel API, and provide abstractions and resource management.

On Unix, Unix-like and other POSIX-compatible Operating Systems, popular system calls are open, read, write, close, wait, exec, fork, exit, and kill. Many of today's operating systems have hundreds of system calls. For example, Linux has 319 different system calls. Similarly, FreeBSD has almost 330.

Tools such as strace and truss allow a process to execute from start and report all system calls the process invokes, or can attach to an already running process and intercept any system call made by said process if the operation does not violate the permissions of the user. This special ability of the program is usually also implemented with a system call, e.g. the GNU's strace is implemented with ptrace().

For many RISC processors this is the only feasible implementation, but CISC architectures such as x86 support additional techniques. One example is SYSCALL/SYSENTER, SYSRET/SYSEXIT (the two mechanisms were independently created by AMD and Intel, respectively, but in essence do the same thing). These are "fast" control transfer instructions that are designed to quickly transfer control to the OS for a system call without the overhead of an interrupt. Linux 2.5 began using this on the x86, where available; formerly it used the INT instruction, where the system call number was placed in the EAX register before interrupt 0x80 was executed.^[1]

An older x86 mechanism is called a call gate and is a way for a program to literally call a kernel function directly using a safe control transfer mechanism the OS sets up in advance. This approach has been unpopular, presumably due to the requirement of a far call which uses x86 memory segmentation and the resulting lack of portability it causes, and existence of the faster instructions mentioned above.

For IA64 architecture, EPC (Enter Privileged Mode) instruction is used. The first eight system call arguments are passed in registers, and the rest are passed on the stack.

System calls can be roughly grouped into five major categories:

1. Process Control.
   • end, abort
   • load, execute
   • create process, terminate process
   • get process attributes, set process attributes
   • wait for time
   • wait event, signal event
   • allocate and free memory
2. File management.
   • create file, delete file
   • open, close
   • read, write, reposition
   • get file attributes, set file attributes
3. Device Management.
   • request device, release device
   • read, write, reposition
   • get device attributes, set device attributes
   • logically attach or detach devices
4. Information Maintenance.
   • get time or date, set time or date
   • get system data, set system data
   • get process, file, or device attributes
   • set process, file, or device attributes
5. Communication.
   • create, delete communication connection
   • send, receive messages
   • transfer status information
   • attach or detach remote devices

• Interactive map of Linux
• Linux system calls - system calls for Linux kernel 2.2, with IA32 calling conventions
• How System Calls Work on Linux/i86
• Sysenter Based System Call Mechanism in Linux 2.6
• Kernel command using Linux system calls - IBM developerWorks
• HOWTO for Implementing a System Call on Linux 2.6 - Amit Choudhary
• Modular system programming on Minix 3

This article is based on material taken from the Free On-line Dictionary of Computing prior to 1 November 2008 and incorporated under the "relicensing" terms of the GFDL, version 1.3 or later.