Date: Fri, 1 Aug 2003 07:44:02 +0300
From: Ruslan Ermilov <ru@freebsd.org>
To: Ryan Sommers <ryans@gamersimpact.com>
Cc: freebsd-hackers@freebsd.org
Subject: Re: Assembly Syscall Question
Message-ID: <20030801044402.GF51362@sunbay.com>
In-Reply-To: <20030731201227.28952.qmail@neuroflux.com>
References: <20030731201227.28952.qmail@neuroflux.com>
On Thu, Jul 31, 2003 at 04:12:27PM -0400, Ryan Sommers wrote:
> When making a system call to the kernel, why is it necessary to push the
> syscall value onto the stack when you don't call another function?
>
> Example:
>
> access.the.bsd.kernel:
>     int 80h
>     ret
>
> func:
>     mov eax, 4 ; Write
>     call access.the.bsd.kernel
>     ; End
>
> Works. However:
>
> func:
>     mov eax, 4 ; Write
>     int 80h
>     ; End
>
> Doesn't.
>
This is because in a C library, all system calls are wrapped into
C functions, so the stack looks like this when in the syscall code
in libc:

    return address to a program
    syscall args

So the kernel knows how to account for a return address to access
the actual arguments.  So when calling the kernel directly (not
through a C library wrapper function), we need to align the stack
to fake the kernel we're calling it from the syscall code in libc.

Cheers,
--
Ruslan Ermilov		Sysadmin and DBA,
ru@sunbay.com		Sunbay Software Ltd,
ru@FreeBSD.org		FreeBSD committer
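The stack layout Ruslan describes, worked through as a complete NASM program. This is an added example and not code from the thread; it assumes FreeBSD on i386 (where the kernel reads int 0x80 arguments from [esp+4], [esp+8], ... and so skips the dword in which libc's return address would sit), NASM syntax, and the FreeBSD syscall numbers SYS_write = 4 (as in the question) and SYS_exit = 1. It shows both the call/ret stub from the question and the direct form that pushes a dummy dword in place of the return address, plus the caller-side stack cleanup that each form needs.

```nasm
; hello.asm: FreeBSD/i386 system calls without a libc wrapper (NASM syntax).
; Added example, not from the original thread. Assumes FreeBSD on i386:
; the kernel fetches int 0x80 arguments from [esp+4], [esp+8], ..., i.e. it
; skips the dword where libc's wrapper would have left its return address.
;
; Build and run on an i386 FreeBSD host (brandelf is only needed if the
; loader refuses the unbranded binary; it is harmless otherwise):
;   nasm -f elf hello.asm && ld -o hello hello.o && brandelf -t FreeBSD hello
;   ./hello

section .data
    msg     db  "hello from int 0x80", 10
    msglen  equ $ - msg

section .text
    global  _start

; Variant 1 (the "Works" form from the question): a call/ret stub.
; 'call' pushes a return address, which is exactly the dword the kernel
; expects to skip, so the arguments line up at [esp+4], [esp+8], [esp+12].
bsd_syscall:
    int     0x80
    ret

_start:
    ; write(1, msg, msglen) through the stub.
    push    dword msglen        ; arg 3: count
    push    dword msg           ; arg 2: buf
    push    dword 1             ; arg 1: fd (stdout)
    mov     eax, 4              ; SYS_write
    call    bsd_syscall
    add     esp, 12             ; caller removes the three args

    ; Variant 2: no stub. Push any dummy dword to occupy the return-address
    ; slot (the kernel never reads it), then trap directly. 'push eax' is
    ; the usual one-byte idiom; 'sub esp, 4' does the same job.
    push    dword msglen
    push    dword msg
    push    dword 1
    mov     eax, 4              ; SYS_write
    push    eax                 ; dummy return-address slot
    int     0x80
    add     esp, 16             ; three args + the dummy dword

    ; Error reporting on this ABI: the kernel sets CF on failure and
    ; leaves errno in eax, which is why libc wrappers branch with 'jc'.
    ; A real program would check that here; this example just exits.

    ; exit(0)
    push    dword 0             ; status
    mov     eax, 1              ; SYS_exit
    push    eax                 ; dummy return-address slot
    int     0x80
```

The point to take away is that int 0x80 itself does not touch esp: whatever you pushed is still there afterwards, so the caller is responsible for removing the arguments (and the dummy dword) exactly as it would after a C call. Getting that count wrong is what makes the "Doesn't" version fail: with no return-address slot, the kernel reads the first argument from the dword above it, so write() sees garbage for fd, buf and count.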
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030801044402.GF51362>