Scaler
Academy
Data Science
Neovarsity
New
Skill Test
Free Masterclass
Search for Articles, Topics
Linux System Call in Detail

Linux System Call in Detail

By Akshay Mishra
6 mins read
Last updated: 1 Sep 2023
175 views
Topics Covered

In Linux, system calls act as a link between user programs and the kernel of the underlying operating system. They give user programs a means of requesting services and carrying out privileged actions. File operations, process management, network connectivity, and hardware access are a few examples of these activities. User programs go from user mode to kernel mode, which causes a switch to the kernel when they need to perform a system call. After doing the requested operation and taking the appropriate steps, the kernel returns the outcome to the caller program. System calls are essential for giving user programs access to the operating system's features while preserving security, stability, and resource management. They form the foundation of Linux's functionality and allow for efficient interaction between user programs and the kernel.

How Linux System Calls Work?

Linux system calls provide a crucial mechanism for user programs to interact with the underlying operating system kernel. Understanding how system calls work in Linux involves exploring the steps involved in making a system call, the role of the kernel in handling these requests, and the overall flow of execution.

  1. User Program to System Call:

    When a user program needs to perform a privileged operation or request a service from the kernel, it initiates a system call. This can be done through specific function calls provided by programming libraries, such as the C library. For example, the "open()" function in C is used to request the kernel to open a file.

  2. Transition to Kernel Mode:

    To execute a system call, the user program needs to transition from user mode to kernel mode. User mode is the mode in which user programs run, and it has restricted access to system resources for security purposes. Kernel mode, on the other hand, allows direct access to system resources and performs privileged operations. The transition from user mode to kernel mode is triggered by a software interrupt or an exception.

  3. System Call Number:

    Once in kernel mode, the kernel needs to determine which system call the user program is requesting. Each system call is associated with a unique number, referred to as the system call number or identifier. The user program typically provides this number as an argument to indicate the desired system call. For example, the system call number for opening a file may be represented by the value 5.

  4. System Call Table:

    To map the system call number to the corresponding system call handler, Linux maintains a system call table. The system call table is an array of function pointers, where each entry corresponds to a specific system call. The system call number serves as an index to locate the appropriate entry in the system call table.

  5. System Call Handler:

    Once the system call number is determined, the kernel invokes the corresponding system call handler. The system call handler is a function within the kernel that implements the functionality associated with the specific system call. For example, if the system call number indicates file opening, the kernel invokes the "sys_open()" function as the system call handler.

  6. Copying Arguments:

    System calls often require arguments to be passed from the user program to the kernel. These arguments can include file paths, buffer addresses, or other relevant information. Before executing the system call handler, the kernel needs to ensure that these arguments are accessible in kernel mode. Therefore, the kernel copies the arguments from user-space memory to kernel-space memory for the system call handler to access.

  7. Execution of System Call Handler:

    With the system call handler invoked and the necessary arguments available in kernel mode, the handler executes the requested operation. It performs the required actions, such as opening a file, allocating memory, or performing input/output operations. The system call handler may interact with various kernel subsystems, such as the file system, process scheduler, or network stack, to fulfill the requested operation.

  8. Return to User Mode:

    After the system call handler has executed and provided the result, the kernel transitions the execution back to user mode. The user program can then continue its execution, utilizing the returned value or handling any encountered errors appropriately.

Categories of System Calls

System calls in Linux can be categorized into various groups based on the functionality they provide. These categories represent different areas of interaction between user programs and the operating system kernel. Here are some of the common categories of system calls in Linux:

Process Management:

System calls in this category are used to manage processes, including creating new processes, terminating processes, and manipulating process attributes. Some important system calls in this category include:

  1. fork(): Creates a new child process by duplicating the calling process.
  2. exec(): Replaces the current process with a new process.
  3. wait(): Suspends the execution of the calling process until one of its child processes terminates.
  4. kill(): Sends a signal to a specified process or process group.
  5. getpid(): Retrieves the process ID of the calling process.

File Operations:

System calls in this category are used for file management, including opening, closing, reading, and writing files. They provide the interface for interacting with the file system and performing various file-related operations. Examples of system calls in this category include:

  1. open(): Opens a file and returns a file descriptor.
  2. read(): Reads data from a file into a buffer.
  3. write(): Writes data from a buffer to a file.
  4. close(): Closes a file.
  5. stat(): Retrieves information about a file.

Device Control:

System calls in this category are used to interact with hardware devices, such as input/output devices and peripherals. They provide functionality to control and communicate with devices connected to the system. Some system calls in this category include:

  1. ioctl(): Performs device-specific input/output control operations.
  2. read(): Reads data from a device.
  3. write(): Writes data to a device.
  4. open(): Opens a device file for access.

Network Communication:

System calls in this category are used for network communication, allowing processes to send and receive data over the network. They provide the necessary functionality for creating network connections, transmitting and receiving data, and managing network-related attributes. Examples of system calls in this category include:

  1. socket(): Creates a new communication endpoint (socket) for network communication.
  2. bind(): Associates a socket with a specific network address.
  3. connect(): Establishes a connection to a remote socket.
  4. send(): Sends data over a socket.
  5. recv(): Receives data from a socket.

Memory Management:

System calls in this category are used for managing memory, including allocating and deallocating memory resources. They provide mechanisms for memory allocation, deallocation, and manipulation. Some important system calls in this category include:

  1. brk(): Changes the end of the data segment of the calling process.
  2. mmap(): Maps files or devices into memory.
  3. munmap(): Unmaps mapped memory regions.
  4. malloc(): Allocates memory dynamically.
  5. free(): Releases dynamically allocated memory.

Signal Handling:

System calls in this category are used for signal management, allowing processes to handle and respond to various events and interrupts. They provide functionality for registering signal handlers, sending signals, and handling signal events. Examples of system calls in this category include:

  1. signal(): Sets a signal handler for a specific signal.
  2. kill(): Sends a signal to a process.
  3. sigaction(): Sets the action to be taken upon receiving a specific signal.

Time and Date:

System calls in this category provide functionality for obtaining and manipulating system time and date information. They allow processes to retrieve the current time, set system time, and perform time-related calculations. Some important system calls in this category include:

  1. time(): Retrieves the current system time.
  2. gettimeofday(): Retrieves the current time and date with microsecond precision.
  3. clock_gettime(): Retrieves the value of a specified clock.

System Information:

System calls in this category provide access to system-related information, such as system configuration, resource limits, and system status. They allow processes to retrieve information about the system and its environment. Examples of system calls in this category include:

  1. uname(): Retrieves system and kernel information.
  2. gethostname(): Retrieves the name of the current host.
  3. getrlimit(): Retrieves resource limits for the calling process.
  4. sysinfo(): Retrieves system information.

Conclusion

  • System calls in Linux are essential mechanisms that enable user programs to interact with the underlying operating system kernel.
  • They provide a bridge between user programs and the kernel, allowing access to privileged operations and essential services.
  • User programs initiate system calls to request services or perform operations that require kernel-level access.
  • The transition from user mode to kernel mode is triggered when a system call is made, ensuring security and controlled execution.
  • Each system call is associated with a unique system call number, which is used to identify the requested operation.
  • System call handlers are functions within the kernel that implement the functionality associated with specific system calls.
  • Arguments required for system calls are copied from user-space memory to kernel-space memory for access by the system call handlers.
  • System call handlers execute the requested operations, interacting with various kernel subsystems to fulfill the tasks.
  • Return values from system call handlers provide results or status information to the user programs.
  • After the system call handler completes, execution transitions back to user mode.
  • System calls can be categorized into groups based on their functionality, such as process management, file operations, device control, network communication, memory management, signal handling, time and date, and system information.