https://github.com/idouble/nasm-assembly-linux-notes
🐧 Assembly with Linux (Notes, Syscalls, Protection Rings) 🐧
https://github.com/idouble/nasm-assembly-linux-notes
assembly kernel-mode kernel-module linux linux-kernel nasm nasm-assembly privilege-levels privileged-instruction protection-ring read ring-0 ring-3 ring0 ring3 syscalls systemcall systemcalls usermode write
Last synced: about 1 year ago
JSON representation
🐧 Assembly with Linux (Notes, Syscalls, Protection Rings) 🐧
- Host: GitHub
- URL: https://github.com/idouble/nasm-assembly-linux-notes
- Owner: IDouble
- License: mit
- Created: 2019-12-25T08:09:35.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2024-02-29T17:13:52.000Z (about 2 years ago)
- Last Synced: 2025-04-07T10:54:05.251Z (about 1 year ago)
- Topics: assembly, kernel-mode, kernel-module, linux, linux-kernel, nasm, nasm-assembly, privilege-levels, privileged-instruction, protection-ring, read, ring-0, ring-3, ring0, ring3, syscalls, systemcall, systemcalls, usermode, write
- Language: Assembly
- Homepage:
- Size: 2.24 MB
- Stars: 115
- Watchers: 5
- Forks: 13
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# 🐧 NASM Assembly Linux Notes 🐧
🐧 Assembly with **Linux** (Notes, **Syscalls**, **Protection Rings**) 🐧
## 🐧 System Calls Linux (Syscalls) 🐧
### ❓ What is a System Call? ❓
When you run a program which calls **open, fork, read, write** (and many others) you are making a **System Call**.
**System Calls** are how a program enters the kernel to perform some task. Programs use **System Calls** to perform a variety of operations such as: **creating processes, doing network and file IO**, and much more.
Example: A user running a word processor in **User Mode (Ring 3)** presses “save”: a **System Call** is made into **Kernel Mode (Ring 0)**, asking the **Kernel** to save the file.
## 📖 System Call Table (Syscall Table) 📖
#
Name
Registers
eax
ebx
ecx
edx
esi
edi
0
sys_restart_syscall
0x00
-
-
-
-
-
1
sys_exit
0x01
int error_code
-
-
-
-
2
sys_fork
0x02
struct pt_regs *
-
-
-
-
3
sys_read
0x03
unsigned int fd
char __user *buf
size_t count
-
-
4
sys_write
0x04
unsigned int fd
const char __user *buf
size_t count
-
-
5
sys_open
0x05
const char __user *filename
int flags
int mode
-
-
6
sys_close
0x06
unsigned int fd
-
-
-
-
7
sys_waitpid
0x07
pid_t pid
int __user *stat_addr
int options
-
-
8
sys_creat
0x08
const char __user *pathname
int mode
-
-
-
9
sys_link
0x09
const char __user *oldname
const char __user *newname
-
-
-
10
sys_unlink
0x0a
const char __user *pathname
-
-
-
-
11
sys_execve
0x0b
char __user *
char __user *__user *
char __user *__user *
struct pt_regs *
-
12
sys_chdir
0x0c
const char __user *filename
-
-
-
-
13
sys_time
0x0d
time_t __user *tloc
-
-
-
-
14
sys_mknod
0x0e
const char __user *filename
int mode
unsigned dev
-
-
15
sys_chmod
0x0f
const char __user *filename
mode_t mode
-
-
-
16
sys_lchown16
0x10
const char __user *filename
old_uid_t user
old_gid_t group
-
-
17
not implemented
0x11
-
-
-
-
-
18
sys_stat
0x12
char __user *filename
struct __old_kernel_stat __user *statbuf
-
-
-
19
sys_lseek
0x13
unsigned int fd
off_t offset
unsigned int origin
-
-
20
sys_getpid
0x14
-
-
-
-
-
21
sys_mount
0x15
char __user *dev_name
char __user *dir_name
char __user *type
unsigned long flags
void __user *data
22
sys_oldumount
0x16
char __user *name
-
-
-
-
23
sys_setuid16
0x17
old_uid_t uid
-
-
-
-
24
sys_getuid16
0x18
-
-
-
-
-
25
sys_stime
0x19
time_t __user *tptr
-
-
-
-
26
sys_ptrace
0x1a
long request
long pid
long addr
long data
-
27
sys_alarm
0x1b
unsigned int seconds
-
-
-
-
28
sys_fstat
0x1c
unsigned int fd
struct __old_kernel_stat __user *statbuf
-
-
-
29
sys_pause
0x1d
-
-
-
-
-
30
sys_utime
0x1e
char __user *filename
struct utimbuf __user *times
-
-
-
31
not implemented
0x1f
-
-
-
-
-
32
not implemented
0x20
-
-
-
-
-
33
sys_access
0x21
const char __user *filename
int mode
-
-
-
34
sys_nice
0x22
int increment
-
-
-
-
35
not implemented
0x23
-
-
-
-
-
36
sys_sync
0x24
-
-
-
-
-
37
sys_kill
0x25
int pid
int sig
-
-
-
38
sys_rename
0x26
const char __user *oldname
const char __user *newname
-
-
-
39
sys_mkdir
0x27
const char __user *pathname
int mode
-
-
-
40
sys_rmdir
0x28
const char __user *pathname
-
-
-
-
41
sys_dup
0x29
unsigned int fildes
-
-
-
-
42
sys_pipe
0x2a
int __user *fildes
-
-
-
-
43
sys_times
0x2b
struct tms __user *tbuf
-
-
-
-
44
not implemented
0x2c
-
-
-
-
-
45
sys_brk
0x2d
unsigned long brk
-
-
-
-
46
sys_setgid16
0x2e
old_gid_t gid
-
-
-
-
47
sys_getgid16
0x2f
-
-
-
-
-
48
sys_signal
0x30
int sig
__sighandler_t handler
-
-
-
49
sys_geteuid16
0x31
-
-
-
-
-
50
sys_getegid16
0x32
-
-
-
-
-
51
sys_acct
0x33
const char __user *name
-
-
-
-
52
sys_umount
0x34
char __user *name
int flags
-
-
-
53
not implemented
0x35
-
-
-
-
-
54
sys_ioctl
0x36
unsigned int fd
unsigned int cmd
unsigned long arg
-
-
55
sys_fcntl
0x37
unsigned int fd
unsigned int cmd
unsigned long arg
-
-
56
not implemented
0x38
-
-
-
-
-
57
sys_setpgid
0x39
pid_t pid
pid_t pgid
-
-
-
58
not implemented
0x3a
-
-
-
-
-
59
sys_olduname
0x3b
struct oldold_utsname __user *
-
-
-
-
60
sys_umask
0x3c
int mask
-
-
-
-
61
sys_chroot
0x3d
const char __user *filename
-
-
-
-
62
sys_ustat
0x3e
unsigned dev
struct ustat __user *ubuf
-
-
-
63
sys_dup2
0x3f
unsigned int oldfd
unsigned int newfd
-
-
-
64
sys_getppid
0x40
-
-
-
-
-
65
sys_getpgrp
0x41
-
-
-
-
-
66
sys_setsid
0x42
-
-
-
-
-
67
sys_sigaction
0x43
int sig
const struct old_sigaction __user *act
struct old_sigaction __user *oact
-
-
68
sys_sgetmask
0x44
-
-
-
-
-
69
sys_ssetmask
0x45
int newmask
-
-
-
-
70
sys_setreuid16
0x46
old_uid_t ruid
old_uid_t euid
-
-
-
71
sys_setregid16
0x47
old_gid_t rgid
old_gid_t egid
-
-
-
72
sys_sigsuspend
0x48
int history0
int history1
old_sigset_t mask
-
-
73
sys_sigpending
0x49
old_sigset_t __user *set
-
-
-
-
74
sys_sethostname
0x4a
char __user *name
int len
-
-
-
75
sys_setrlimit
0x4b
unsigned int resource
struct rlimit __user *rlim
-
-
-
76
sys_old_getrlimit
0x4c
unsigned int resource
struct rlimit __user *rlim
-
-
-
77
sys_getrusage
0x4d
int who
struct rusage __user *ru
-
-
-
78
sys_gettimeofday
0x4e
struct timeval __user *tv
struct timezone __user *tz
-
-
-
79
sys_settimeofday
0x4f
struct timeval __user *tv
struct timezone __user *tz
-
-
-
80
sys_getgroups16
0x50
int gidsetsize
old_gid_t __user *grouplist
-
-
-
81
sys_setgroups16
0x51
int gidsetsize
old_gid_t __user *grouplist
-
-
-
82
sys_old_select
0x52
struct sel_arg_struct __user *arg
-
-
-
-
83
sys_symlink
0x53
const char __user *old
const char __user *new
-
-
-
84
sys_lstat
0x54
char __user *filename
struct __old_kernel_stat __user *statbuf
-
-
-
85
sys_readlink
0x55
const char __user *path
char __user *buf
int bufsiz
-
-
86
sys_uselib
0x56
const char __user *library
-
-
-
-
87
sys_swapon
0x57
const char __user *specialfile
int swap_flags
-
-
-
88
sys_reboot
0x58
int magic1
int magic2
unsigned int cmd
void __user *arg
-
89
sys_old_readdir
0x59
unsigned int
struct old_linux_dirent __user *
unsigned int
-
-
90
sys_old_mmap
0x5a
struct mmap_arg_struct __user *arg
-
-
-
-
91
sys_munmap
0x5b
unsigned long addr
size_t len
-
-
-
92
sys_truncate
0x5c
const char __user *path
long length
-
-
-
93
sys_ftruncate
0x5d
unsigned int fd
unsigned long length
-
-
-
94
sys_fchmod
0x5e
unsigned int fd
mode_t mode
-
-
-
95
sys_fchown16
0x5f
unsigned int fd
old_uid_t user
old_gid_t group
-
-
96
sys_getpriority
0x60
int which
int who
-
-
-
97
sys_setpriority
0x61
int which
int who
int niceval
-
-
98
not implemented
0x62
-
-
-
-
-
99
sys_statfs
0x63
const char __user * path
struct statfs __user *buf
-
-
-
100
sys_fstatfs
0x64
unsigned int fd
struct statfs __user *buf
-
-
-
101
sys_ioperm
0x65
unsigned long
unsigned long
int
-
-
102
sys_socketcall
0x66
int call
unsigned long __user *args
-
-
-
103
sys_syslog
0x67
int type
char __user *buf
int len
-
-
104
sys_setitimer
0x68
int which
struct itimerval __user *value
struct itimerval __user *ovalue
-
-
105
sys_getitimer
0x69
int which
struct itimerval __user *value
-
-
-
106
sys_newstat
0x6a
char __user *filename
struct stat __user *statbuf
-
-
-
107
sys_newlstat
0x6b
char __user *filename
struct stat __user *statbuf
-
-
-
108
sys_newfstat
0x6c
unsigned int fd
struct stat __user *statbuf
-
-
-
109
sys_uname
0x6d
struct old_utsname __user *
-
-
-
-
110
sys_iopl
0x6e
unsigned int
struct pt_regs *
-
-
-
111
sys_vhangup
0x6f
-
-
-
-
-
112
not implemented
0x70
-
-
-
-
-
113
sys_vm86old
0x71
struct vm86_struct __user *
struct pt_regs *
-
-
-
114
sys_wait4
0x72
pid_t pid
int __user *stat_addr
int options
struct rusage __user *ru
-
115
sys_swapoff
0x73
const char __user *specialfile
-
-
-
-
116
sys_sysinfo
0x74
struct sysinfo __user *info
-
-
-
-
117
sys_ipc
0x75
-
-
-
-
-
118
sys_fsync
0x76
unsigned int fd
-
-
-
-
119
sys_sigreturn
0x77
struct pt_regs *regs
-
-
-
-
120
sys_clone
0x78
unsigned long
unsigned long
unsigned long
unsigned long
struct pt_regs *
121
sys_setdomainname
0x79
char __user *name
int len
-
-
-
122
sys_newuname
0x7a
struct new_utsname __user *name
-
-
-
-
123
sys_modify_ldt
0x7b
int
void __user *
unsigned long
-
-
124
sys_adjtimex
0x7c
struct timex __user *txc_p
-
-
-
-
125
sys_mprotect
0x7d
unsigned long start
size_t len
unsigned long prot
-
-
126
sys_sigprocmask
0x7e
int how
old_sigset_t __user *set
old_sigset_t __user *oset
-
-
127
not implemented
0x7f
-
-
-
-
-
128
sys_init_module
0x80
void __user *umod
unsigned long len
const char __user *uargs
-
-
129
sys_delete_module
0x81
const char __user *name_user
unsigned int flags
-
-
-
130
not implemented
0x82
-
-
-
-
-
131
sys_quotactl
0x83
unsigned int cmd
const char __user *special
qid_t id
void __user *addr
-
132
sys_getpgid
0x84
pid_t pid
-
-
-
-
133
sys_fchdir
0x85
unsigned int fd
-
-
-
-
134
sys_bdflush
0x86
int func
long data
-
-
-
135
sys_sysfs
0x87
int option
unsigned long arg1
unsigned long arg2
-
-
136
sys_personality
0x88
unsigned int personality
-
-
-
-
137
not implemented
0x89
-
-
-
-
-
138
sys_setfsuid16
0x8a
old_uid_t uid
-
-
-
-
139
sys_setfsgid16
0x8b
old_gid_t gid
-
-
-
-
140
sys_llseek
0x8c
unsigned int fd
unsigned long offset_high
unsigned long offset_low
loff_t __user *result
unsigned int origin
141
sys_getdents
0x8d