
system call過程


ss

linux v5.10 x64作為範例

為什麼syscal
A.2 AMD64 Linux Kernel Conventions

syscall_init(void)
wrmsrl(MSR_LSTAR, (unsigned long)entry_SYSCALL_64);

entry_SYSCALL_64

do_syscall_64
sys_call_table[nr]

Invalid system call number:38

為什麼syscall不符合abi?

syscall macro

接下來實驗SYSCALL_DEFINEx擴展macro後的名稱

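# Fetch the v5.10 copy of syscall_wrapper.h. The sed step prefixes every
# "#include" with backslashes so the preprocessor no longer treats those lines
# as directives and nested kernel headers are not needed for `gcc -E`.
# The URL is quoted because it contains `?`, a shell glob character, and `>`
# replaces `>>` so that re-running the command does not append a second copy.
wget -O- "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/plain/arch/x86/include/asm/syscall_wrapper.h?h=v5.10" | sed "s/#include/\\\\\\\\#include/g" > syscall_wrapper.h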
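# Fetch the v5.10 copy of include/linux/syscalls.h with its "#include" lines
# escaped by sed, so only the macros defined in this one file get expanded.
# Quoting the URL keeps the shell from globbing on `?`; `>` (not `>>`) makes
# the download repeatable without duplicating the file's contents.
wget -O- "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/plain/include/linux/syscalls.h?h=v5.10" | sed "s/#include/\\\\\\\\#include/g" > syscalls.h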
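# Fetch the v5.10 copy of include/linux/build_bug.h, again with "#include"
# lines escaped by sed so the preprocessor ignores them.
# The URL is quoted (it contains `?`) and the output is written with `>` so a
# second run overwrites the file instead of appending to it.
wget -O- "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/plain/include/linux/build_bug.h?h=v5.10" | sed "s/#include/\\\\\\\\#include/g" > build_bug.h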
#include "syscalls.h"
#include "syscall_wrapper.h"

/*
 * Preprocessor-only experiment: this file is meant to be run through
 * `gcc -E`, not compiled. SYSCALL_DEFINE4 is invoked with the syscall name
 * followed by four (type, name) pairs.
 */
SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr,
		unsigned long, data)
{
    /* Placeholder text, not C: it marks where the body ends up after expansion. */
    Tunghai University
}

我們資料夾下面有syscall_wrapper.h、syscalls.h、build_bug.h、main.c共4個檔案

觀看macro如何展開。-DCONFIG_X86_64 代表 #ifdef CONFIG_X86_64 這個區塊的文字可以展開

# -E: stop after preprocessing and print the expanded source to stdout; nothing is compiled.
# -DCONFIG_X86_64: define the macro so the `#ifdef CONFIG_X86_64` sections are kept.
gcc -E  main.c -DCONFIG_X86_64
 /*
  * Annotated `gcc -E` output; the comments are added for the reader, the
  * preprocessor emits none. __force, __same_type, ALLOW_ERROR_INJECTION and
  * asmlinkage_protect stay unexpanded here, presumably because the headers
  * that define them were not pulled into this experiment.
  */
 /* Prototype of the type-normalising wrapper. Each __typeof(...) selects the
  * type of 0LL or 0L; for these long / unsigned long arguments that should be
  * long, so every parameter is received as a long-sized integer. */
 static long __se_sys_ptrace(__typeof(__builtin_choose_expr((__same_type((__force long)0, 0LL) || __same_type((__force long)0, 0ULL)), 0LL, 0L)) request, __typeof(__builtin_choose_expr((__same_type((__force long)0, 0LL) || __same_type((__force long)0, 0ULL)), 0LL, 0L)) pid, __typeof(__builtin_choose_expr((__same_type((__force unsigned long)0, 0LL) || __same_type((__force unsigned long)0, 0ULL)), 0LL, 0L)) addr, __typeof(__builtin_choose_expr((__same_type((__force unsigned long)0, 0LL) || __same_type((__force unsigned long)0, 0ULL)), 0LL, 0L)) data); 
 
 
 /* Prototype of the function that receives the body written after SYSCALL_DEFINE4. */
 static inline long __do_sys_ptrace(long request, long pid, unsigned long addr, unsigned long data); 
 
 
 /* The only non-static symbol: the entry stub takes a pointer to the saved user registers. */
 long __x64_sys_ptrace(const struct pt_regs *regs); 
 
 
 /* NOTE(review): in the kernel tree this macro is expected to put the function
  * on the error-injection allow-list; it is left unexpanded in this output. */
 ALLOW_ERROR_INJECTION(__x64_sys_ptrace, ERRNO); 
 
 
 /* Unpacks exactly the four declared arguments from di, si, dx and r10 and
  * forwards them. The fourth argument comes from r10 rather than rcx (the
  * fourth register of the user-space function-call convention) because the
  * SYSCALL instruction overwrites rcx with the return address. Only the
  * registers the syscall declares are passed on, so other user-controlled
  * register values do not travel further down the call chain. */
 long __x64_sys_ptrace(const struct pt_regs *regs) { return __se_sys_ptrace(regs->di, regs->si, regs->dx, regs->r10); } 
 
 
 /*
  * Type-normalising wrapper between the register stub and the real body.
  * Every parameter is declared through __typeof(__builtin_choose_expr(...)),
  * which yields the type of 0LL or 0L, so each raw register value arrives as
  * a long-sized integer and is converted to its declared type below.
  * Returns whatever __do_sys_ptrace returns.
  */
 static long __se_sys_ptrace(__typeof(__builtin_choose_expr((__same_type((__force long)0, 0LL) || __same_type((__force long)0, 0ULL)), 0LL, 0L)) request, __typeof(__builtin_choose_expr((__same_type((__force long)0, 0LL) || __same_type((__force long)0, 0ULL)), 0LL, 0L)) pid, __typeof(__builtin_choose_expr((__same_type((__force unsigned long)0, 0LL) || __same_type((__force unsigned long)0, 0ULL)), 0LL, 0L)) addr, __typeof(__builtin_choose_expr((__same_type((__force unsigned long)0, 0LL) || __same_type((__force unsigned long)0, 0ULL)), 0LL, 0L)) data) { 
     
     /* Cast each argument back to the type given in SYSCALL_DEFINE4 and run the real body. */
     long ret = __do_sys_ptrace((__force long) request, (__force long) pid, (__force unsigned long) addr, (__force unsigned long) data); 
     
     
     /* Compile-time checks, one per argument: the bit-field width becomes
        negative (a compile error) if an argument type is neither long long nor
        unsigned long long and yet is wider than long. No code is generated. */
     (void)((int)(sizeof(struct { int:(-!!(!(__same_type((__force long)0, 0LL) || __same_type((__force long)0, 0ULL)) && sizeof(long) > sizeof(long))); }))), (void)((int)(sizeof(struct { int:(-!!(!(__same_type((__force long)0, 0LL) || __same_type((__force long)0, 0ULL)) && sizeof(long) > sizeof(long))); }))), (void)((int)(sizeof(struct { int:(-!!(!(__same_type((__force unsigned long)0, 0LL) || __same_type((__force unsigned long)0, 0ULL)) && sizeof(unsigned long) > sizeof(long))); }))), (void)((int)(sizeof(struct { int:(-!!(!(__same_type((__force unsigned long)0, 0LL) || __same_type((__force unsigned long)0, 0ULL)) && sizeof(unsigned long) > sizeof(long))); }))); 
     
     /* NOTE(review): left unexpanded in this output; its definition is not in
        the downloaded headers, so check the kernel tree for what it does. */
     asmlinkage_protect(4, ret,request, pid, addr, data); 
     
     return ret; } 
 /* The body written after SYSCALL_DEFINE4 in main.c ends up under this
  * signature, with the parameter types exactly as declared in the macro call.
  * It is static inline, so the compiler may fold it into __se_sys_ptrace. */
 static inline long __do_sys_ptrace(long request, long pid, unsigned long addr, unsigned long data)
{
    /* Placeholder text carried over unchanged from main.c (not valid C). */
    Tunghai University
}

由此可知調用的過程。因為ftrace只有追蹤到__x64_sys_ptrace這個函數,所以我們沒有看到__se_sys_ptrace->__do_sys_ptrace這個過程;這兩個函數分別宣告為static與static inline,很可能已被編譯器內聯進__x64_sys_ptrace,因此沒有獨立的符號可供追蹤。

SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr, unsigned long, data) 被展開成 static inline long __do_sys_ptrace(long request, long pid, unsigned long addr, unsigned long data)

__x64_sys_ptrace->__se_sys_ptrace->__do_sys_ptrace

來源

整理與翻譯來源:David Drysdale,Anatomy of a system call, part 1

The Definitive Guide to Linux System Calls

What are the calling conventions for UNIX & Linux system calls (and user-space functions) on i386 and x86-64

System V Application Binary Interface AMD64 Architecture Processor Supplement

How to Add a System Call

Linux内核源码分析 - 系统调用

System calls in the Linux kernel. Part 2.


呂奕珣
WRITTEN BY
呂奕珣
SDN ML FINTECH HFT