x86::syscall
macro_rules! syscall {
    ($arg0:expr) => { ... };
    ($arg0:expr, $arg1:expr) => { ... };
    ($arg0:expr, $arg1:expr, $arg2:expr) => { ... };
    ($arg0:expr, $arg1:expr, $arg2:expr, $arg3:expr) => { ... };
    ($arg0:expr, $arg1:expr, $arg2:expr, $arg3:expr, $arg4:expr) => { ... };
    ($arg0:expr, $arg1:expr, $arg2:expr, $arg3:expr, $arg4:expr, $arg5:expr) => { ... };
    ($arg0:expr, $arg1:expr, $arg2:expr, $arg3:expr, $arg4:expr, $arg5:expr, $arg6:expr) => { ... };
    ($arg0:expr, $arg1:expr, $arg2:expr, $arg3:expr, $arg4:expr, $arg5:expr, $arg6:expr, $arg7:expr) => { ... };
}
The SYSCALL instruction invokes the operating system's system-call handler by loading RIP from the IA32_LSTAR MSR (after saving the address of the instruction following SYSCALL into RCX).
From "A.2 AMD64 Linux Kernel Conventions" of the System V Application Binary Interface AMD64 Architecture Processor Supplement:
- The kernel interface uses %rdi, %rsi, %rdx, %r10, %r8 and %r9.
- A system-call is done via the syscall instruction. The kernel destroys registers %rcx and %r11.
- The number of the syscall has to be passed in register %rax.
- System-calls are limited to six arguments, no argument is passed directly on the stack.
- Returning from the syscall, register %rax contains the result of the system-call. A value in the range between -4095 and -1 indicates an error, it is -errno.
- Only values of class INTEGER or class MEMORY are passed to the kernel.
This code is inspired by the syscall.rs (https://github.com/kmcallister/syscall.rs/) project.
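The conventions quoted above, as an added example that is not code from this crate or from syscall.rs: a three-argument raw system call with %rcx and %r11 declared as clobbered, plus a decoder that treats only -4095 to -1 as -errno so that other large return values are not mistaken for errors. The names `raw_syscall3`, `decode` and `write_fd` are hypothetical, and the syscall number 1 for write on x86-64 Linux is an assumption not stated on this page.

```rust
/// Raw 3-argument system call using the register convention quoted above.
/// Hypothetical helper for this example, not the x86 crate's macro.
#[cfg(all(target_arch = "x86_64", target_os = "linux"))]
unsafe fn raw_syscall3(nr: u64, a0: u64, a1: u64, a2: u64) -> u64 {
    let ret: u64;
    unsafe {
        std::arch::asm!(
            "syscall",
            inlateout("rax") nr => ret, // syscall number in, result out
            in("rdi") a0,
            in("rsi") a1,
            in("rdx") a2,
            lateout("rcx") _, // destroyed by the kernel
            lateout("r11") _, // destroyed by the kernel
            options(nostack),
        );
    }
    ret
}

/// Classify the value returned in %rax: -4095..=-1 is -errno,
/// anything else (including other "negative" bit patterns) is a result.
fn decode(rax: u64) -> Result<u64, i32> {
    let signed = rax as i64;
    if (-4095..=-1).contains(&signed) {
        Err((-signed) as i32)
    } else {
        Ok(rax)
    }
}

/// write wrapper; the number 1 is assumed for x86-64 Linux.
#[cfg(all(target_arch = "x86_64", target_os = "linux"))]
fn write_fd(fd: i32, buf: &[u8]) -> Result<u64, i32> {
    const SYS_WRITE: u64 = 1;
    // SAFETY: the pointer and length describe a live, readable slice.
    let rax = unsafe {
        raw_syscall3(SYS_WRITE, fd as u64, buf.as_ptr() as u64, buf.len() as u64)
    };
    decode(rax)
}

fn main() {
    #[cfg(all(target_arch = "x86_64", target_os = "linux"))]
    println!("{:?} {:?}", write_fd(1, b"hi\n"), write_fd(-1, b"hi\n"));
    // Constructed value: -4096 lies just outside the error range.
    println!("{:?}", decode(u64::MAX - 4095));
}
```

Omitting the two clobber declarations lets the compiler keep live values in %rcx or %r11 across the instruction, which corrupts state silently rather than failing loudly.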