Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/idouble/nasm-assembly-linux-notes
🐧 Assembly with Linux (Notes, Syscalls, Protection Rings) 🐧
https://github.com/idouble/nasm-assembly-linux-notes
assembly kernel-mode kernel-module linux linux-kernel nasm nasm-assembly privilege-levels privileged-instruction protection-ring read ring-0 ring-3 ring0 ring3 syscalls systemcall systemcalls usermode write
Last synced: 15 days ago
JSON representation
🐧 Assembly with Linux (Notes, Syscalls, Protection Rings) 🐧
- Host: GitHub
- URL: https://github.com/idouble/nasm-assembly-linux-notes
- Owner: IDouble
- License: mit
- Created: 2019-12-25T08:09:35.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2024-02-29T17:13:52.000Z (9 months ago)
- Last Synced: 2024-10-23T12:22:23.810Z (24 days ago)
- Topics: assembly, kernel-mode, kernel-module, linux, linux-kernel, nasm, nasm-assembly, privilege-levels, privileged-instruction, protection-ring, read, ring-0, ring-3, ring0, ring3, syscalls, systemcall, systemcalls, usermode, write
- Language: Assembly
- Homepage:
- Size: 2.24 MB
- Stars: 94
- Watchers: 6
- Forks: 13
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# 🐧 NASM Assembly Linux Notes 🐧
🐧 Assembly with **Linux** (Notes, **Syscalls**, **Protection Rings**) 🐧
## 🐧 System Calls Linux (Syscalls) 🐧
### ❓ What is a System Call? ❓
When you run a program which calls **open, fork, read, write** (and many others) you are making a **System Call**.
**System Calls** are how a program enters the kernel to perform some task. Programs use **System Calls** to perform a variety of operations such as: **creating processes, doing network and file IO**, and much more.
Example: A user running a word processor in **User Mode (Ring 3)** presses “save”: a **System Call** is made into **Kernel Mode (Ring 0)**, asking the **Kernel** to save the file.
## 📖 System Call Table (Syscall Table) 📖
#
Name
Registers
eax
ebx
ecx
edx
esi
edi
0
sys_restart_syscall
0x00
-
-
-
-
-
1
sys_exit
0x01
int error_code
-
-
-
-
2
sys_fork
0x02
struct pt_regs *
-
-
-
-
3
sys_read
0x03
unsigned int fd
char __user *buf
size_t count
-
-
4
sys_write
0x04
unsigned int fd
const char __user *buf
size_t count
-
-
5
sys_open
0x05
const char __user *filename
int flags
int mode
-
-
6
sys_close
0x06
unsigned int fd
-
-
-
-
7
sys_waitpid
0x07
pid_t pid
int __user *stat_addr
int options
-
-
8
sys_creat
0x08
const char __user *pathname
int mode
-
-
-
9
sys_link
0x09
const char __user *oldname
const char __user *newname
-
-
-
10
sys_unlink
0x0a
const char __user *pathname
-
-
-
-
11
sys_execve
0x0b
char __user *
char __user *__user *
char __user *__user *
struct pt_regs *
-
12
sys_chdir
0x0c
const char __user *filename
-
-
-
-
13
sys_time
0x0d
time_t __user *tloc
-
-
-
-
14
sys_mknod
0x0e
const char __user *filename
int mode
unsigned dev
-
-
15
sys_chmod
0x0f
const char __user *filename
mode_t mode
-
-
-
16
sys_lchown16
0x10
const char __user *filename
old_uid_t user
old_gid_t group
-
-
17
not implemented
0x11
-
-
-
-
-
18
sys_stat
0x12
char __user *filename
struct __old_kernel_stat __user *statbuf
-
-
-
19
sys_lseek
0x13
unsigned int fd
off_t offset
unsigned int origin
-
-
20
sys_getpid
0x14
-
-
-
-
-
21
sys_mount
0x15
char __user *dev_name
char __user *dir_name
char __user *type
unsigned long flags
void __user *data
22
sys_oldumount
0x16
char __user *name
-
-
-
-
23
sys_setuid16
0x17
old_uid_t uid
-
-
-
-
24
sys_getuid16
0x18
-
-
-
-
-
25
sys_stime
0x19
time_t __user *tptr
-
-
-
-
26
sys_ptrace
0x1a
long request
long pid
long addr
long data
-
27
sys_alarm
0x1b
unsigned int seconds
-
-
-
-
28
sys_fstat
0x1c
unsigned int fd
struct __old_kernel_stat __user *statbuf
-
-
-
29
sys_pause
0x1d
-
-
-
-
-
30
sys_utime
0x1e
char __user *filename
struct utimbuf __user *times
-
-
-
31
not implemented
0x1f
-
-
-
-
-
32
not implemented
0x20
-
-
-
-
-
33
sys_access
0x21
const char __user *filename
int mode
-
-
-
34
sys_nice
0x22
int increment
-
-
-
-
35
not implemented
0x23
-
-
-
-
-
36
sys_sync
0x24
-
-
-
-
-
37
sys_kill
0x25
int pid
int sig
-
-
-
38
sys_rename
0x26
const char __user *oldname
const char __user *newname
-
-
-
39
sys_mkdir
0x27
const char __user *pathname
int mode
-
-
-
40
sys_rmdir
0x28
const char __user *pathname
-
-
-
-
41
sys_dup
0x29
unsigned int fildes
-
-
-
-
42
sys_pipe
0x2a
int __user *fildes
-
-
-
-
43
sys_times
0x2b
struct tms __user *tbuf
-
-
-
-
44
not implemented
0x2c
-
-
-
-
-
45
sys_brk
0x2d
unsigned long brk
-
-
-
-
46
sys_setgid16
0x2e
old_gid_t gid
-
-
-
-
47
sys_getgid16
0x2f
-
-
-
-
-
48
sys_signal
0x30
int sig
__sighandler_t handler
-
-
-
49
sys_geteuid16
0x31
-
-
-
-
-
50
sys_getegid16
0x32
-
-
-
-
-
51
sys_acct
0x33
const char __user *name
-
-
-
-
52
sys_umount
0x34
char __user *name
int flags
-
-
-
53
not implemented
0x35
-
-
-
-
-
54
sys_ioctl
0x36
unsigned int fd
unsigned int cmd
unsigned long arg
-
-
55
sys_fcntl
0x37
unsigned int fd
unsigned int cmd
unsigned long arg
-
-
56
not implemented
0x38
-
-
-
-
-
57
sys_setpgid
0x39
pid_t pid
pid_t pgid
-
-
-
58
not implemented
0x3a
-
-
-
-
-
59
sys_olduname
0x3b
struct oldold_utsname __user *
-
-
-
-
60
sys_umask
0x3c
int mask
-
-
-
-
61
sys_chroot
0x3d
const char __user *filename
-
-
-
-
62
sys_ustat
0x3e
unsigned dev
struct ustat __user *ubuf
-
-
-
63
sys_dup2
0x3f
unsigned int oldfd
unsigned int newfd
-
-
-
64
sys_getppid
0x40
-
-
-
-
-
65
sys_getpgrp
0x41
-
-
-
-
-
66
sys_setsid
0x42
-
-
-
-
-
67
sys_sigaction
0x43
int sig
const struct old_sigaction __user *act
struct old_sigaction __user *oact
-
-
68
sys_sgetmask
0x44
-
-
-
-
-
69
sys_ssetmask
0x45
int newmask
-
-
-
-
70
sys_setreuid16
0x46
old_uid_t ruid
old_uid_t euid
-
-
-
71
sys_setregid16
0x47
old_gid_t rgid
old_gid_t egid
-
-
-
72
sys_sigsuspend
0x48
int history0
int history1
old_sigset_t mask
-
-
73
sys_sigpending
0x49
old_sigset_t __user *set
-
-
-
-
74
sys_sethostname
0x4a
char __user *name
int len
-
-
-
75
sys_setrlimit
0x4b
unsigned int resource
struct rlimit __user *rlim
-
-
-
76
sys_old_getrlimit
0x4c
unsigned int resource
struct rlimit __user *rlim
-
-
-
77
sys_getrusage
0x4d
int who
struct rusage __user *ru
-
-
-
78
sys_gettimeofday
0x4e
struct timeval __user *tv
struct timezone __user *tz
-
-
-
79
sys_settimeofday
0x4f
struct timeval __user *tv
struct timezone __user *tz
-
-
-
80
sys_getgroups16
0x50
int gidsetsize
old_gid_t __user *grouplist
-
-
-
81
sys_setgroups16
0x51
int gidsetsize
old_gid_t __user *grouplist
-
-
-
82
sys_old_select
0x52
struct sel_arg_struct __user *arg
-
-
-
-
83
sys_symlink
0x53
const char __user *old
const char __user *new
-
-
-
84
sys_lstat
0x54
char __user *filename
struct __old_kernel_stat __user *statbuf
-
-
-
85
sys_readlink
0x55
const char __user *path
char __user *buf
int bufsiz
-
-
86
sys_uselib
0x56
const char __user *library
-
-
-
-
87
sys_swapon
0x57
const char __user *specialfile
int swap_flags
-
-
-
88
sys_reboot
0x58
int magic1
int magic2
unsigned int cmd
void __user *arg
-
89
sys_old_readdir
0x59
unsigned int
struct old_linux_dirent __user *
unsigned int
-
-
90
sys_old_mmap
0x5a
struct mmap_arg_struct __user *arg
-
-
-
-
91
sys_munmap
0x5b
unsigned long addr
size_t len
-
-
-
92
sys_truncate
0x5c
const char __user *path
long length
-
-
-
93
sys_ftruncate
0x5d
unsigned int fd
unsigned long length
-
-
-
94
sys_fchmod
0x5e
unsigned int fd
mode_t mode
-
-
-
95
sys_fchown16
0x5f
unsigned int fd
old_uid_t user
old_gid_t group
-
-
96
sys_getpriority
0x60
int which
int who
-
-
-
97
sys_setpriority
0x61
int which
int who
int niceval
-
-
98
not implemented
0x62
-
-
-
-
-
99
sys_statfs
0x63
const char __user * path
struct statfs __user *buf
-
-
-
100
sys_fstatfs
0x64
unsigned int fd
struct statfs __user *buf
-
-
-
101
sys_ioperm
0x65
unsigned long
unsigned long
int
-
-
102
sys_socketcall
0x66
int call
unsigned long __user *args
-
-
-
103
sys_syslog
0x67
int type
char __user *buf
int len
-
-
104
sys_setitimer
0x68
int which
struct itimerval __user *value
struct itimerval __user *ovalue
-
-
105
sys_getitimer
0x69
int which
struct itimerval __user *value
-
-
-
106
sys_newstat
0x6a
char __user *filename
struct stat __user *statbuf
-
-
-
107
sys_newlstat
0x6b
char __user *filename
struct stat __user *statbuf
-
-
-
108
sys_newfstat
0x6c
unsigned int fd
struct stat __user *statbuf
-
-
-
109
sys_uname
0x6d
struct old_utsname __user *
-
-
-
-
110
sys_iopl
0x6e
unsigned int
struct pt_regs *
-
-
-
111
sys_vhangup
0x6f
-
-
-
-
-
112
not implemented
0x70
-
-
-
-
-
113
sys_vm86old
0x71
struct vm86_struct __user *
struct pt_regs *
-
-
-
114
sys_wait4
0x72
pid_t pid
int __user *stat_addr
int options
struct rusage __user *ru
-
115
sys_swapoff
0x73
const char __user *specialfile
-
-
-
-
116
sys_sysinfo
0x74
struct sysinfo __user *info
-
-
-
-
117
sys_ipc
0x75
-
-
-
-
-
118
sys_fsync
0x76
unsigned int fd
-
-
-
-
119
sys_sigreturn
0x77
struct pt_regs *regs
-
-
-
-
120
sys_clone
0x78
unsigned long
unsigned long
unsigned long
unsigned long
struct pt_regs *
121
sys_setdomainname
0x79
char __user *name
int len
-
-
-
122
sys_newuname
0x7a
struct new_utsname __user *name
-
-
-
-
123
sys_modify_ldt
0x7b
int
void __user *
unsigned long
-
-
124
sys_adjtimex
0x7c
struct timex __user *txc_p
-
-
-
-
125
sys_mprotect
0x7d
unsigned long start
size_t len
unsigned long prot
-
-
126
sys_sigprocmask
0x7e
int how
old_sigset_t __user *set
old_sigset_t __user *oset
-
-
127
not implemented
0x7f
-
-
-
-
-
128
sys_init_module
0x80
void __user *umod
unsigned long len
const char __user *uargs
-
-
129
sys_delete_module
0x81
const char __user *name_user
unsigned int flags
-
-
-
130
not implemented
0x82
-
-
-
-
-
131
sys_quotactl
0x83
unsigned int cmd
const char __user *special
qid_t id
void __user *addr
-
132
sys_getpgid
0x84
pid_t pid
-
-
-
-
133
sys_fchdir
0x85
unsigned int fd
-
-
-
-
134
sys_bdflush
0x86
int func
long data
-
-
-
135
sys_sysfs
0x87
int option
unsigned long arg1
unsigned long arg2
-
-
136
sys_personality
0x88
unsigned int personality
-
-
-
-
137
not implemented
0x89
-
-
-
-
-
138
sys_setfsuid16
0x8a
old_uid_t uid
-
-
-
-
139
sys_setfsgid16
0x8b
old_gid_t gid
-
-
-
-
140
sys_llseek
0x8c
unsigned int fd
unsigned long offset_high
unsigned long offset_low
loff_t __user *result
unsigned int origin
141
sys_getdents
0x8d
unsigned int fd
struct linux_dirent __user *dirent
unsigned int count
-
-
142
sys_select
0x8e
int n
fd_set __user *inp
fd_set __user *outp
fd_set __user *exp
struct timeval __user *tvp
143
sys_flock
0x8f
unsigned int fd
unsigned int cmd
-
-
-
144
sys_msync
0x90
unsigned long start
size_t len
int flags
-
-
145
sys_readv
0x91
unsigned long fd
const struct iovec __user *vec
unsigned long vlen
-
-
146
sys_writev
0x92
unsigned long fd
const struct iovec __user *vec
unsigned long vlen
-
-
147
sys_getsid
0x93
pid_t pid
-
-
-
-
148
sys_fdatasync
0x94
unsigned int fd
-
-
-
-
149
sys_sysctl
0x95
struct __sysctl_args __user *args
-
-
-
-
150
sys_mlock
0x96
unsigned long start
size_t len
-
-
-
151
sys_munlock
0x97
unsigned long start
size_t len
-
-
-
152
sys_mlockall
0x98
int flags
-
-
-
-
153
sys_munlockall
0x99
-
-
-
-
-
154
sys_sched_setparam
0x9a
pid_t pid
struct sched_param __user *param
-
-
-
155
sys_sched_getparam
0x9b
pid_t pid
struct sched_param __user *param
-
-
-
156
sys_sched_setscheduler
0x9c
pid_t pid
int policy
struct sched_param __user *param
-
-
157
sys_sched_getscheduler
0x9d
pid_t pid
-
-
-
-
158
sys_sched_yield
0x9e
-
-
-
-
-
159
sys_sched_get_priority_max
0x9f
int policy
-
-
-
-
160
sys_sched_get_priority_min
0xa0
int policy
-
-
-
-
161
sys_sched_rr_get_interval
0xa1
pid_t pid
struct timespec __user *interval
-
-
-
162
sys_nanosleep
0xa2
struct timespec __user *rqtp
struct timespec __user *rmtp
-
-
-
163
sys_mremap
0xa3
unsigned long addr
unsigned long old_len
unsigned long new_len
unsigned long flags
unsigned long new_addr
164
sys_setresuid16
0xa4
old_uid_t ruid
old_uid_t euid
old_uid_t suid
-
-
165
sys_getresuid16
0xa5
old_uid_t __user *ruid
old_uid_t __user *euid
old_uid_t __user *suid
-
-
166
sys_vm86
0xa6
unsigned long
unsigned long
struct pt_regs *
-
-
167
not implemented
0xa7
-
-
-
-
-
168
sys_poll
0xa8
struct pollfd __user *ufds
unsigned int nfds
long timeout
-
-
169
sys_nfsservctl
0xa9
int cmd
struct nfsctl_arg __user *arg
void __user *res
-
-
170
sys_setresgid16
0xaa
old_gid_t rgid
old_gid_t egid
old_gid_t sgid
-
-
171
sys_getresgid16
0xab
old_gid_t __user *rgid
old_gid_t __user *egid
old_gid_t __user *sgid
-
-
172
sys_prctl
0xac
int option
unsigned long arg2
unsigned long arg3
unsigned long arg4
unsigned long arg5
173
sys_rt_sigreturn
0xad
struct pt_regs *
-
-
-
-
174
sys_rt_sigaction
0xae
int sig
const struct sigaction __user *act
struct sigaction __user *oact
size_t sigsetsize
-
175
sys_rt_sigprocmask
0xaf
int how
sigset_t __user *set
sigset_t __user *oset
size_t sigsetsize
-
176
sys_rt_sigpending
0xb0
sigset_t __user *set
size_t sigsetsize
-
-
-
177
sys_rt_sigtimedwait
0xb1
const sigset_t __user *uthese
siginfo_t __user *uinfo
const struct timespec __user *uts
size_t sigsetsize
-
178
sys_rt_sigqueueinfo
0xb2
int pid
int sig
siginfo_t __user *uinfo
-
-
179
sys_rt_sigsuspend
0xb3
sigset_t __user *unewset
size_t sigsetsize
-
-
-
180
sys_pread64
0xb4
unsigned int fd
char __user *buf
size_t count
loff_t pos
-
181
sys_pwrite64
0xb5
unsigned int fd
const char __user *buf
size_t count
loff_t pos
-
182
sys_chown16
0xb6
const char __user *filename
old_uid_t user
old_gid_t group
-
-
183
sys_getcwd
0xb7
char __user *buf
unsigned long size
-
-
-
184
sys_capget
0xb8
cap_user_header_t header
cap_user_data_t dataptr
-
-
-
185
sys_capset
0xb9
cap_user_header_t header
const cap_user_data_t data
-
-
-
186
sys_sigaltstack
0xba
const stack_t __user *
stack_t __user *
struct pt_regs *
-
-
187
sys_sendfile
0xbb
int out_fd
int in_fd
off_t __user *offset
size_t count
-
188
not implemented
0xbc
-
-
-
-
-
189
not implemented
0xbd
-
-
-
-
-
190
sys_vfork
0xbe
struct pt_regs *
-
-
-
-
191
sys_getrlimit
0xbf
unsigned int resource
struct rlimit __user *rlim
-
-
-
192
sys_mmap_pgoff
0xc0
-
-
-
-
-
193
sys_truncate64
0xc1
const char __user *path
loff_t length
-
-
-
194
sys_ftruncate64
0xc2
unsigned int fd
loff_t length
-
-
-
195
sys_stat64
0xc3
char __user *filename
struct stat64 __user *statbuf
-
-
-
196
sys_lstat64
0xc4
char __user *filename
struct stat64 __user *statbuf
-
-
-
197
sys_fstat64
0xc5
unsigned long fd
struct stat64 __user *statbuf
-
-
-
198
sys_lchown
0xc6
const char __user *filename
uid_t user
gid_t group
-
-
199
sys_getuid
0xc7
-
-
-
-
-
200
sys_getgid
0xc8
-
-
-
-
-
201
sys_geteuid
0xc9
-
-
-
-
-
202
sys_getegid
0xca
-
-
-
-
-
203
sys_setreuid
0xcb
uid_t ruid
uid_t euid
-
-
-
204
sys_setregid
0xcc
gid_t rgid
gid_t egid
-
-
-
205
sys_getgroups
0xcd
int gidsetsize
gid_t __user *grouplist
-
-
-
206
sys_setgroups
0xce
int gidsetsize
gid_t __user *grouplist
-
-
-
207
sys_fchown
0xcf
unsigned int fd
uid_t user
gid_t group
-
-
208
sys_setresuid
0xd0
uid_t ruid
uid_t euid
uid_t suid
-
-
209
sys_getresuid
0xd1
uid_t __user *ruid
uid_t __user *euid
uid_t __user *suid
-
-
210
sys_setresgid
0xd2
gid_t rgid
gid_t egid
gid_t sgid
-
-
211
sys_getresgid
0xd3
gid_t __user *rgid
gid_t __user *egid
gid_t __user *sgid
-
-
212
sys_chown
0xd4
const char __user *filename
uid_t user
gid_t group
-
-
213
sys_setuid
0xd5
uid_t uid
-
-
-
-
214
sys_setgid
0xd6
gid_t gid
-
-
-
-
215
sys_setfsuid
0xd7
uid_t uid
-
-
-
-
216
sys_setfsgid
0xd8
gid_t gid
-
-
-
-
217
sys_pivot_root
0xd9
const char __user *new_root
const char __user *put_old
-
-
-
218
sys_mincore
0xda
unsigned long start
size_t len
unsigned char __user * vec
-
-
219
sys_madvise
0xdb
unsigned long start
size_t len
int behavior
-
-
220
sys_getdents64
0xdc
unsigned int fd
struct linux_dirent64 __user *dirent
unsigned int count
-
-
221
sys_fcntl64
0xdd
unsigned int fd
unsigned int cmd
unsigned long arg
-
-
222
not implemented
0xde
-
-
-
-
-
223
not implemented
0xdf
-
-
-
-
-
224
sys_gettid
0xe0
-
-
-
-
-
225
sys_readahead
0xe1
int fd
loff_t offset
size_t count
-
-
226
sys_setxattr
0xe2
const char __user *path
const char __user *name
const void __user *value
size_t size
int flags
227
sys_lsetxattr
0xe3
const char __user *path
const char __user *name
const void __user *value
size_t size
int flags
228
sys_fsetxattr
0xe4
int fd
const char __user *name
const void __user *value
size_t size
int flags
229
sys_getxattr
0xe5
const char __user *path
const char __user *name
void __user *value
size_t size
-
230
sys_lgetxattr
0xe6
const char __user *path
const char __user *name
void __user *value
size_t size
-
231
sys_fgetxattr
0xe7
int fd
const char __user *name
void __user *value
size_t size
-
232
sys_listxattr
0xe8
const char __user *path
char __user *list
size_t size
-
-
233
sys_llistxattr
0xe9
const char __user *path
char __user *list
size_t size
-
-
234
sys_flistxattr
0xea
int fd
char __user *list
size_t size
-
-
235
sys_removexattr
0xeb
const char __user *path
const char __user *name
-
-
-
236
sys_lremovexattr
0xec
const char __user *path
const char __user *name
-
-
-
237
sys_fremovexattr
0xed
int fd
const char __user *name
-
-
-
238
sys_tkill
0xee
int pid
int sig
-
-
-
239
sys_sendfile64
0xef
int out_fd
int in_fd
loff_t __user *offset
size_t count
-
240
sys_futex
0xf0
-
-
-
-
-
241
sys_sched_setaffinity
0xf1
pid_t pid
unsigned int len
unsigned long __user
*user_mask_ptr
-
-
242
sys_sched_getaffinity
0xf2
pid_t pid
unsigned int len
unsigned long __user
*user_mask_ptr
-
-
243
sys_set_thread_area
0xf3
struct user_desc __user *
-
-
-
-
244
sys_get_thread_area
0xf4
struct user_desc __user *
-
-
-
-
245
sys_io_setup
0xf5
unsigned nr_reqs
aio_context_t __user *ctx
-
-
-
246
sys_io_destroy
0xf6
aio_context_t ctx
-
-
-
-
247
sys_io_getevents
0xf7
aio_context_t ctx_id
long min_nr
long nr
struct io_event __user *events
struct timespec __user *timeout
248
sys_io_submit
0xf8
aio_context_t
long
struct iocb __user * __user *
-
-
249
sys_io_cancel
0xf9
aio_context_t ctx_id
struct iocb __user *iocb
struct io_event __user *result
-
-
250
sys_fadvise64
0xfa
int fd
loff_t offset
size_t len
int advice
-
251
not implemented
0xfb
-
-
-
-
-
252
sys_exit_group
0xfc
int error_code
-
-
-
-
253
sys_lookup_dcookie
0xfd
u64 cookie64
char __user *buf
size_t len
-
-
254
sys_epoll_create
0xfe
int size
-
-
-
-
255
sys_epoll_ctl
0xff
int epfd
int op
int fd
struct epoll_event __user *event
-
256
sys_epoll_wait
0x100
int epfd
struct epoll_event __user *events
int maxevents
int timeout
-
257
sys_remap_file_pages
0x101
unsigned long start
unsigned long size
unsigned long prot
unsigned long pgoff
unsigned long flags
258
sys_set_tid_address
0x102
int __user *tidptr
-
-
-
-
259
sys_timer_create
0x103
clockid_t which_clock
struct sigevent __user *timer_event_spec
timer_t __user *
created_timer_id
-
-
260
sys_timer_settime
0x104
timer_t timer_id
int flags
const struct itimerspec __user *new_setting
struct itimerspec __user *old_setting
-
261
sys_timer_gettime
0x105
timer_t timer_id
struct itimerspec __user *setting
-
-
-
262
sys_timer_getoverrun
0x106
timer_t timer_id
-
-
-
-
263
sys_timer_delete
0x107
timer_t timer_id
-
-
-
-
264
sys_clock_settime
0x108
clockid_t which_clock
const struct timespec __user *tp
-
-
-
265
sys_clock_gettime
0x109
clockid_t which_clock
struct timespec __user *tp
-
-
-
266
sys_clock_getres
0x10a
clockid_t which_clock
struct timespec __user *tp
-
-
-
267
sys_clock_nanosleep
0x10b
clockid_t which_clock
int flags
const struct timespec __user *rqtp
struct timespec __user *rmtp
-
268
sys_statfs64
0x10c
const char __user *path
size_t sz
struct statfs64 __user *buf
-
-
269
sys_fstatfs64
0x10d
unsigned int fd
size_t sz
struct statfs64 __user *buf
-
-
270
sys_tgkill
0x10e
int tgid
int pid
int sig
-
-
271
sys_utimes
0x10f
char __user *filename
struct timeval __user *utimes
-
-
-
272
sys_fadvise64_64
0x110
int fd
loff_t offset
loff_t len
int advice
-
273
not implemented
0x111
-
-
-
-
-
274
sys_mbind
0x112
-
-
-
-
-
275
sys_get_mempolicy
0x113
int __user *policy
unsigned long __user *nmask
unsigned long maxnode
unsigned long addr
unsigned long flags
276
sys_set_mempolicy
0x114
int mode
unsigned long __user *nmask
unsigned long maxnode
-
-
277
sys_mq_open
0x115
const char __user *name
int oflag
mode_t mode
struct mq_attr __user *attr
-
278
sys_mq_unlink
0x116
const char __user *name
-
-
-
-
279
sys_mq_timedsend
0x117
mqd_t mqdes
const char __user *msg_ptr
size_t msg_len
unsigned int msg_prio
const struct timespec __user
*abs_timeout
280
sys_mq_timedreceive
0x118
mqd_t mqdes
char __user *msg_ptr
size_t msg_len
unsigned int __user *msg_prio
const struct timespec __user
*abs_timeout
281
sys_mq_notify
0x119
mqd_t mqdes
const struct sigevent __user *notification
-
-
-
282
sys_mq_getsetattr
0x11a
mqd_t mqdes
const struct mq_attr __user *mqstat
struct mq_attr __user *omqstat
-
-
283
sys_kexec_load
0x11b
unsigned long entry
unsigned long nr_segments
struct kexec_segment __user *segments
unsigned long flags
-
284
sys_waitid
0x11c
int which
pid_t pid
struct siginfo __user *infop
int options
struct rusage __user *ru
285
not implemented
0x11d
-
-
-
-
-
286
sys_add_key
0x11e
const char __user *_type
const char __user *_description
const void __user *_payload
size_t plen
key_serial_t destringid
287
sys_request_key
0x11f
const char __user *_type
const char __user *_description
const char __user *_callout_info
key_serial_t destringid
-
288
sys_keyctl
0x120
int cmd
unsigned long arg2
unsigned long arg3
unsigned long arg4
unsigned long arg5
289
sys_ioprio_set
0x121
int which
int who
int ioprio
-
-
290
sys_ioprio_get
0x122
int which
int who
-
-
-
291
sys_inotify_init
0x123
-
-
-
-
-
292
sys_inotify_add_watch
0x124
int fd
const char __user *path
u32 mask
-
-
293
sys_inotify_rm_watch
0x125
int fd
__s32 wd
-
-
-
294
sys_migrate_pages
0x126
pid_t pid
unsigned long maxnode
const unsigned long __user *from
const unsigned long __user *to
-
295
sys_openat
0x127
int dfd
const char __user *filename
int flags
int mode
-
296
sys_mkdirat
0x128
int dfd
const char __user * pathname
int mode
-
-
297
sys_mknodat
0x129
int dfd
const char __user * filename
int mode
unsigned dev
-
298
sys_fchownat
0x12a
int dfd
const char __user *filename
uid_t user
gid_t group
int flag
299
sys_futimesat
0x12b
int dfd
char __user *filename
struct timeval __user *utimes
-
-
300
sys_fstatat64
0x12c
int dfd
char __user *filename
struct stat64 __user *statbuf
int flag
-
301
sys_unlinkat
0x12d
int dfd
const char __user * pathname
int flag
-
-
302
sys_renameat
0x12e
int olddfd
const char __user * oldname
int newdfd
const char __user * newname
-
303
sys_linkat
0x12f
int olddfd
const char __user *oldname
int newdfd
const char __user *newname
int flags
304
sys_symlinkat
0x130
const char __user * oldname
int newdfd
const char __user * newname
-
-
305
sys_readlinkat
0x131
int dfd
const char __user *path
char __user *buf
int bufsiz
-
306
sys_fchmodat
0x132
int dfd
const char __user * filename
mode_t mode
-
-
307
sys_faccessat
0x133
int dfd
const char __user *filename
int mode
-
-
308
sys_pselect6
0x134
-
-
-
-
-
309
sys_ppoll
0x135
struct pollfd __user *ufds
unsigned int nfds
struct timespec __user *tsp
const sigset_t __user *sigmask
size_t sigsetsize
310
sys_unshare
0x136
unsigned long unshare_flags
-
-
-
-
311
sys_set_robust_list
0x137
struct robust_list_head __user *head
size_t len
-
-
-
312
sys_get_robust_list
0x138
int pid
struct robust_list_head __user * __user
*head_ptr
size_t __user *len_ptr
-
-
313
sys_splice
0x139
-
-
-
-
-
314
sys_sync_file_range
0x13a
int fd
loff_t offset
loff_t nbytes
unsigned int flags
-
315
sys_tee
0x13b
int fdin
int fdout
size_t len
unsigned int flags
-
316
sys_vmsplice
0x13c
int fd
const struct iovec __user *iov
unsigned long nr_segs
unsigned int flags
-
317
sys_move_pages
0x13d
-
-
-
-
-
318
sys_getcpu
0x13e
unsigned __user *cpu
unsigned __user *node
struct getcpu_cache __user *cache
-
-
319
sys_epoll_pwait
0x13f
-
-
-
-
-
320
sys_utimensat
0x140
int dfd
char __user *filename
struct timespec __user *utimes
int flags
-
321
sys_signalfd
0x141
int ufd
sigset_t __user *user_mask
size_t sizemask
-
-
322
sys_timerfd_create
0x142
int clockid
int flags
-
-
-
323
sys_eventfd
0x143
unsigned int count
-
-
-
-
324
sys_fallocate
0x144
int fd
int mode
loff_t offset
loff_t len
-
325
sys_timerfd_settime
0x145
int ufd
int flags
const struct itimerspec __user *utmr
struct itimerspec __user *otmr
-
326
sys_timerfd_gettime
0x146
int ufd
struct itimerspec __user *otmr
-
-
-
327
sys_signalfd4
0x147
int ufd
sigset_t __user *user_mask
size_t sizemask
int flags
-
328
sys_eventfd2
0x148
unsigned int count
int flags
-
-
-
329
sys_epoll_create1
0x149
int flags
-
-
-
-
330
sys_dup3
0x14a
unsigned int oldfd
unsigned int newfd
int flags
-
-
331
sys_pipe2
0x14b
int __user *fildes
int flags
-
-
-
332
sys_inotify_init1
0x14c
int flags
-
-
-
-
333
sys_preadv
0x14d
unsigned long fd
const struct iovec __user *vec
unsigned long vlen
unsigned long pos_l
unsigned long pos_h
334
sys_pwritev
0x14e
unsigned long fd
const struct iovec __user *vec
unsigned long vlen
unsigned long pos_l
unsigned long pos_h
335
sys_rt_tgsigqueueinfo
0x14f
pid_t tgid
pid_t pid
int sig
siginfo_t __user *uinfo
-
336
sys_perf_event_open
0x150
struct perf_event_attr __user *attr_uptr
pid_t pid
int cpu
int group_fd
unsigned long flags
337
sys_recvmmsg
0x151
int fd
struct mmsghdr __user *msg
unsigned int vlen
unsigned flags
struct timespec __user *timeout
## 🔧 Simple System Call Example calling SYS_WRITE (kernel opcode 4) 🔧
At Line **17**: **mov eax, 4 ; invoke SYS_WRITE (kernel opcode 4)**
```
; Hello World Program
; Compile with: nasm -f elf helloworld.asm
; Link with (64 bit systems require elf_i386 option): ld -m elf_i386 helloworld.o -o helloworld
; Run with: ./helloworld
SECTION .data
msg db 'Hello World!', 0Ah ; assign msg variable with your message string
SECTION .text
global _start
_start:
mov edx, 13 ; number of bytes to write - one for each letter plus 0Ah (line feed character)
mov ecx, msg ; move the memory address of our message string into ecx
mov ebx, 1 ; write to the STDOUT file
mov eax, 4 ; invoke SYS_WRITE (kernel opcode 4)
int 80h
```
## 🐧 Protection Rings / Privilege Levels 🐧
The x86-64 CPUs have a concept called **Privilege Levels**. (also often called **Protection Rings**)
**Linux** only uses **Ring 0** and **3** for **Kernel Mode (Ring 0)** and **User Mode (Ring 3)**. Thus, all user mode processes, running when the system is in any run level execute in **Ring 3**, until they make a **System Call** into kernel code, which transitions the cpu to **Ring 0**.
1. The **Kernel** runs at the most **privileged level**, called **Ring 0**. **User programs** run at **Ring 3**.
2. **Ring 0** can execute any system instruction and is given full trust.
3. To enter **Kernel Mode (Ring 0)**, you must perform a **System Call**. (Another Way to use **Kernel Mode (Ring 0)** is by writing **Linux Kernel Modules** in C.) *Additional Info: In Windows you usually program a **driver** in C to use Kernel Mode (Ring 0) and like **Linux**, Windows only uses **Ring 0** and **3** too.*
