2 How to read a Linux system call table
A system call is usually characterized by the following attributes:
- number: this is an ID (integer) that identifies the system call. This value should be in register eax when the
software interrupt 0x80 occurs.
- name: this is a symbolic name given to the system call. This is also the name that the system call is known by
in C. You can usually look up the system call just by using man 2 xyz, where xyz is the name of the system
call.
When a system call is looked up using “man 2 xyz”, it usually has several parameters. The parameters, assuming they
are 32-bit scalars, should be loaded into registers ebx, ecx, edx, esi, and edi, in that order.
If a system call returns a value (most do), the value is stored in register eax when the system call returns.
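The convention above, applied to two calls, as an added example that is not part of the original page. It assumes NASM syntax on 32-bit Linux and the i386 system call numbers write = 4 and exit = 1; the message text and labels are made up for illustration.

```nasm
; Added example (NASM syntax, 32-bit Linux); not from the original page.
; Build: nasm -f elf32 demo.asm && ld -m elf_i386 -o demo demo.o
; Assumed i386 system call numbers: exit = 1, write = 4.

section .data
msg:    db "hello from int 0x80", 10    ; constructed sample text + newline
len     equ $ - msg                     ; length of msg in bytes

section .text
global _start
_start:
        ; write(int fd, const void *buf, size_t count), see "man 2 write"
        mov eax, 4          ; number: write
        mov ebx, 1          ; 1st parameter: fd = 1 (stdout)
        mov ecx, msg        ; 2nd parameter: address of the buffer
        mov edx, len        ; 3rd parameter: byte count
        int 0x80            ; software interrupt: enter the kernel

        ; On return, eax holds the result: the number of bytes written,
        ; or a negative errno value on failure.
        xor ebx, ebx        ; assume success: exit status 0
        cmp eax, len        ; did the kernel write the whole message?
        je  .done
        mov ebx, 1          ; short write or error: exit status 1
.done:
        ; exit(int status), see "man 2 exit"; status is already in ebx
        mov eax, 1          ; number: exit
        int 0x80            ; does not return
```

Running the program and then `echo $?` shows the exit status, which is 0 only when the value returned in eax matched the requested byte count.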