Linux, system call table, 32 and x64
I do not understand clearly:
1. Are system call addresses the same for all Linux machines (or do they depend on compilation options)?
2. Do 32x86 and x64 have the same addresses of system calls? I have found some references on the web, for example swapon has x87 address, but it is not specified whether that is for a 32-bit or 64-bit kernel version.
Comments (2)
I think you're confusing two quite important concepts here. There are two different "addresses" as such to understand:
System call numbers. These are the integer values you use before running a sysenter (or an interrupt) which say "do a system call". These are always the same for a given ABI. The ABI is the application binary interface; the ability to take a compiled program between machines and have it run.
x86 Linux and x86_64 Linux have different ABIs and as such the system call numbers are different. But between two different distributions running x86 Linux the ABI is the same, so these systems are ABI compatible and theoretically you should be able to port programs.
Practically, it is more complicated than that (shared libraries, paths etc).
If you want to see the address of a kernel function on your system and you have System.map (you probably do), try:
The system call table for your system is defined in /usr/include/asm/unistd_32.h or /usr/include/asm/unistd_64.h respectively.
In Linux, syscalls don't have an address. Of course they are somewhere, at some address in memory, but the calling program usually does not know them (or even have access to that memory). Normally they are invoked by an interrupt (e.g. Linux used 0x80, MS-DOS e.g. used 0x21). The calling process just requests the software interrupt and the interrupt handler then handles the syscall. The kind of call and the parameters are put into certain registers beforehand, so the kernel knows what to do.
In more modern CPUs the designers invented specific instructions (e.g. Intel/AMD have SYSCALL/SYSENTER), so one does not have to use the interrupt way to invoke the syscalls, but basically it is the same from the user perspective.
Of course there is an interrupt table somewhere, which differs in its entries, depending on whether you are on x64 or 32.
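The per-ABI numbering described in the first answer can be checked by parsing the two headers it names. The following is an added example, not code from either answer: it reads `#define __NR_<name> <n>` lines, falls back to short constructed excerpts when the headers are not at the paths given on this page, and shows why a bare syscall number from a trace or audit record has to be read together with its ABI. The function names are hypothetical.

```python
import re

# Constructed excerpts in the headers' format (a few entries, not full copies).
UNISTD_32 = """\
#define __NR_exit 1
#define __NR_read 3
#define __NR_write 4
#define __NR_swapon 87
"""
UNISTD_64 = """\
#define __NR_read 0
#define __NR_write 1
#define __NR_exit 60
#define __NR_unlink 87
#define __NR_swapon 167
"""

DEFINE_RE = re.compile(r"^[ \t]*#[ \t]*define[ \t]+__NR_(\w+)[ \t]+(\d+)[ \t]*$", re.M)

def parse_unistd(text):
    """Return {syscall name: number} for each '#define __NR_<name> <n>' line."""
    return {name: int(num) for name, num in DEFINE_RE.findall(text)}

def compare(t32, t64):
    """Rows of (name, number on i386, number on x86_64); None where absent."""
    return [(n, t32.get(n), t64.get(n)) for n in sorted(set(t32) | set(t64))]

def resolve(number, t32, t64):
    """Name a bare syscall number maps to under each ABI (None if unknown)."""
    rev32 = {v: k for k, v in t32.items()}
    rev64 = {v: k for k, v in t64.items()}
    return {"i386": rev32.get(number), "x86_64": rev64.get(number)}

def load(path, fallback):
    """Read a header from the path given on the page, else use the excerpt."""
    try:
        with open(path) as fh:
            return fh.read()
    except OSError:
        return fallback

if __name__ == "__main__":
    t32 = parse_unistd(load("/usr/include/asm/unistd_32.h", UNISTD_32))
    t64 = parse_unistd(load("/usr/include/asm/unistd_64.h", UNISTD_64))
    for name, n32, n64 in compare(t32, t64):
        if n32 != n64:
            print(f"{name:<12} i386={n32} x86_64={n64}")
    print("number 87 resolves to:", resolve(87, t32, t64))
```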