Linux syscall - dklibc/dklibc GitHub Wiki
POSIX declares API. Libc implements POSIX API. But libc cannot do this without help from kernel. Libc uses kernel functions ("syscalls") How to do a syscall depends on arch. For x86 Linux syscalls are done by int 0x80. The most functions from the POSIX API have a corresponding syscall. One-by-one: one call of POSIX function leads to the single syscall. But there are exceptions from this rule: wrapper libc function can make a great job by preparing args and doing different syscalls.
For the most of the Linux syscalls there is the corresponding function in glibc. If you haven't a new version of glibc but you need to test a new syscall -- use glibc wrapper for doing syscall by its number: long syscall(long number, ...) Symbolic constants of syscalls numbers (SYS_bla_bla) you can get here -- sys/syscall.h
For asm-masters:
- Store syscall number in EAX
- Store the rest of syscall args in (by order): EBX, ECX, EDX, ESI, EDI, EBP
- int 0x80
- Result will be in EAX
mov eax, 1 ; Exit syscall xor ebx, ebx ; exit code = 0 int 0x80 ; Do it!
Compare: BSD kernel gets syscall args from the stack.