Syscall

References:

X86-32 (i386)

  • %eax for syscall number
  • %ebx, %ecx, %edx, %esi, %edi, %ebp are used for passing 6 parameters to system calls.
  • if there are more than six arguments, %ebx must contain the memory location where the list of arguments is stored.

FreeBSD System Calls

By default, FreeBSD kernel uses the C calling convention.

It is assumed the program will call a function that issues int 80h, rather than issuing int80h directly.

kernel:
	int	80h	; Call kernel
	ret

open:
	push	dword mode
	push	dword flags
	push	dword path
	mov	eax, 5
	call	kernel
	add	esp, byte 12
	ret
open:
	push	dword mode
	push	dword flags
	push	dword path
	mov	eax, 5
	push	eax		; Or any other dword
	int	80h
	add	esp, byte 16

More

Created Sep 11, 2020 // Last Updated Sep 11, 2020

If you could revise
the fundmental principles of
computer system design
to improve security...

... what would you change?