Questions tagged [system-calls]
Questions concerning the details of how a program uses system calls to interact with the kernel API, what calls are available, how they work etc.
393 questions
3
votes
2
answers
69
views
+100
What would be the most reliable way to obtain PID, remote address and port combinations for all connections?
I tried tcp_connect, udp_sendmsg kprobes together on an eBPF program and it worked, but it missed a lot of connections. I couldn't really get any reliable results with other kprobes as well so I tried ...
3
votes
1
answer
68
views
File acess permissions missing after setuid() system call
I have a file access problem in a self developed daemon process after a setuid() system call. I already post this question to SO but the impression is that the problem is not C++ related but Linux ...
- 33
0
votes
2
answers
299
views
What is the difference between user-space and kernel-space program/application?
I am currently learning about Kernels in operating system and I often come across the terms "user-space applications" and "programs"—especially in the context of the kernel's ...
0
votes
0
answers
59
views
How to trace recvfrom and sendto syscall each time apache2/httpd handle incoming http request?
So, I decided to start learn about system call with strace and want to observe network-related system call on apache2 processes, here's how I attach it:
pidof -s apache2
pstree -sTp <pid-from-pidof&...
- 33
0
votes
0
answers
38
views
BPF program attached to `getname` won't get called when calling the `renameat2` syscall
I'm fiddling with a BPF program that needs to attach to the two "getname" functions that are being called from the renameat2 syscall, defined in linux/fs/namei.c as:
SYSCALL_DEFINE5(...
1
vote
2
answers
556
views
Is systemd the first process that runs in user mode in linux?
I know that switching from user mode to kernel mode occurs continuously via system calls. My question is if systemd is the exact point during the starting of a linux system where the first ...
- 11
10
votes
1
answer
2k
views
What is the rationale for the change of syscall calling convention in new Linuxes?
Quoting from https://www.kernel.org/doc/Documentation/process/adding-syscalls.rst:
At least on 64-bit x86, it will be a hard requirement from v4.17
onwards to not call system call functions in the ...
- 29.7k
6
votes
1
answer
403
views
getdents() syscall appears to be returning different results within a container
I'm trying to read what type of file /dev/null is. If I use stat() it reports correctly that it's a character device.
If I use getdents(), it also reports that it's a character device - unless I run ...
- 63
2
votes
1
answer
2k
views
Linux syscalls: advantage of copy_file_range over sendfile?
I understand that classically, the Linux Kernel was conservative about adding new syscalls.
But, I've learned about the existence of copy_file_range, which seems to do the exact same thing as sendfile....
- 506
5
votes
1
answer
201
views
is stat(2) read-after-write consistent with write(2)?
man 2 write states:
POSIX requires that a read(2) that can be proved to occur after a write() has returned will return the new data. Note that not all filesystems are POSIX conforming.
In Linux, is ...
0
votes
2
answers
765
views
man syscalls is missing in arch linux
I just can't find it. I've installed linux-docs with sudo pacman -S linux-docs but still man syscalls does not work.
- 103
3
votes
1
answer
1k
views
Man pages, syscalls, and libc
Why is epoll_create not listed as a library function (man pages, section 3), but accept is? While both functions are provided by libc and both refers to kernel syscalls?
I know that "why" ...
- 586
2
votes
0
answers
420
views
Parallelism and I/O in Linux
I'm a bit confused about how the Linux kernel handles parallelism during I/O operations (if it handles it at all).
I assume it can concurrently operate on file descriptors, but does it achieve ...
- 21
12
votes
3
answers
3k
views
Why isn't something like compound syscalls implemented?
Syscalls (system calls) cause some performance penalty due to the isolation between kernel and user space. Therefore, it sounds like a good idea to reduce syscalls.
So what I thought is, that we could ...
- 343
9
votes
1
answer
5k
views
Why can Wine convert Windows systemcall to Linux systemcall?
As long as the architectures are the same, it is no wonder that Windows .exe file can run on the Linux system (if it is properly loaded on the RAM). But systemcalls of Linux and Windows are entirely ...
- 619
2
votes
0
answers
52
views
system call poll for /tmp/.X11-unix/X1 takes too long
I have a GUI program that takes too long to respond, so I used strace -T to report all its system calls.
I find the reason causing the program slow is poll costs too much time. For example, the ...
- 170
4
votes
1
answer
908
views
How to get the current cgroup ID from C/C++?
The eBPF helper functions define bpf_get_current_cgroup_id for eBPF programs, which does the obvious thing
u64 bpf_get_current_cgroup_id(void)
Return A 64-bit integer containing the current ...
- 41
1
vote
1
answer
852
views
How can I efficiently read entries in a directory?
I would like my program to efficiently detect if a file was added to a directory between two invocations. That analysis might block user input (this would be for the fish shell), so I want it to run ...
9
votes
1
answer
610
views
What happened to llseek and e2fsck?
lseek man page:
When users complained about data loss caused by a
miscompilation of e2fsck(8), glibc 2.1.3 added the link-time
warning
"the llseek function may be dangerous; use `lseek64
...
- 421
2
votes
1
answer
870
views
How are system call functions linked to an executable?
Say I write a non-sensical program that features a single system call, open:
#include <fcntl.h>
void main()
{
int hi = open("does not exist", 0);
}
When I compile the program ...
- 1,023
8
votes
5
answers
3k
views
What is difference between sleep and NOP in depth?
I am trying to learn operating system concepts. Here is two simple python code:
while True:
pass
and this one:
from time import sleep
while True:
sleep(0.00000001)
Question: Why when running ...
- 185
1
vote
1
answer
481
views
Why is the linux system call interface architecture-dependent?
So one thing I'm not clear on is why transitioning from user space to kernel space is architecture-dependent. For example, the linux kernel v5.4 code for system calls entering kernel space is ...
- 181
-1
votes
1
answer
639
views
Can the stdout (1) file descriptor be re-used after closing?
I first call close(1) and then later open a file using open() syscall.
Is it possible that open() returns 1 because it will use the lowest free file descriptor?
I have read that open() uses the lowest ...
- 1,022
2
votes
2
answers
727
views
X11: what system calls does X.Org Server use to realize GUI environment?
Recently, I am studying Xlib and come to have a question: What system calls (API's) does X.Org Server use to realize GUI environment.
In terms of output, what system calls enable us to draw windows (...
- 619
7
votes
4
answers
5k
views
Using System calls directly
I have a big confusion regarding the system calls in OS. According to the book "operating systems concepts 9th ", it is mentioned (in page 63) that :
Most programmers never see this level ...
- 217