logo

System Calls

System calls allow the kernel to carefully expose certain key pieces of functionality to user programs, such as accessing the file system, creating and destroying processes, communicating with other processes, and allocating more memory.

Early Unix systems exposed around twenty calls, Linux and OpenBSD each have over 300 different calls, NetBSD has close to 500, FreeBSD has over 500.

A system call is a C procedure call, the change of mode is achieved by special instructions hidden inside:

  • trap instruction: enter kernel mode.
  • return-from-trap instruction: back to user program in user mode.

ioctl

Controls hardware devices.

Kernel accepts device drivers as extra modules. Device drivers run in kernel space and can directly address the device. ioctl is a single system call that userspace can use it to communicate with device drivers.

Unix command-line interface is built on pseudo terminals, which are controlled as if they were hardware devices, so ioctl is used.

seccomp

Secure computing mode (seccomp): Any system calls not on the list are disallowed.

It can be used to sandbox the privileges of a process, restricting the calls it is able to make from userspace into the kernel.