I am using a Xen installation, paravirtualized 64-bit kernel. From what I have seen, to make a system call on x86, you essentially put the syscall number in eax, then execute int 0x80.

For amd64, I am reading that "syscall" is used. Using gdb, I discovered that the function syscall(syscall_number) puts syscall_number in %edi, then 0 into eax. I also notice that the return value is in eax. Therefore, am I correct in believing that the following would work to implement the system call via asm?

    mov syscall_number, %edi
    mov 0x0, %eax
    syscall
    mov %eax, return value

Unfortunately, when I view the asm output of what the C function syscall() does, it is a call to the function:

    0x000000000040052d <main+25>:   callq  0x400440 <sysc...@plt>

And, disassembling the function:

    (gdb) disassemble syscall
    Dump of assembler code for function syscall:
    0x000000000040cb20 <syscall+0>:     mov    %rdi,%rax
    0x000000000040cb23 <syscall+3>:     mov    %rsi,%rdi
    0x000000000040cb26 <syscall+6>:     mov    %rdx,%rsi
    0x000000000040cb29 <syscall+9>:     mov    %rcx,%rdx
    0x000000000040cb2c <syscall+12>:    mov    %r8,%r10
    0x000000000040cb2f <syscall+15>:    mov    %r9,%r8
    0x000000000040cb32 <syscall+18>:    mov    0x8(%rsp),%r9
    0x000000000040cb37 <syscall+23>:    syscall
    0x000000000040cb39 <syscall+25>:    cmp    $0xfffffffffffff001,%rax
    0x000000000040cb3f <syscall+31>:    jae    0x40e0c0 <__syscall_error>
    0x000000000040cb45 <syscall+37>:    retq

So, the above is showing me that syscall is in fact called after the register values have again been changed, and rdi, having contained the value of the syscall number, is moved into rax. Essentially, I am wanting to know what the assembly requirements are for calling the syscall opcode.
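The glibc disassembly in the question is the whole answer, read as a register map: on x86-64 Linux the `syscall` instruction takes the number in rax and up to six arguments in rdi, rsi, rdx, r10, r8, r9; the instruction itself overwrites rcx (return address) and r11 (rflags), which is why the fourth C argument has to be moved from rcx to r10; and the result comes back in rax, with values in the range -4095..-1 meaning -errno (that is the `cmp $0xfffffffffffff001,%rax` check). The `mov $0,%eax` seen before the `callq` belongs to the SysV varargs calling convention (count of vector registers used), not to the syscall ABI. Below is an added example, not code from the question or from glibc, that wires that convention up with GCC/Clang extended asm and reproduces glibc's error translation beside it. It assumes x86-64 Linux; on any other target it falls back to libc's `syscall()` so the same functions still run.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>

/*
 * x86-64 Linux ABI for the `syscall` instruction:
 *   rax                        = system call number
 *   rdi, rsi, rdx, r10, r8, r9 = arguments 1..6 (r10, not rcx, for the 4th)
 *   rcx, r11                   = destroyed by the instruction itself
 *   rax                        = result; -4095..-1 means -errno
 * This is the register shuffle visible in the glibc disassembly: the C
 * argument list (rdi, rsi, rdx, rcx, r8, r9, stack) shifts down one slot
 * because the number goes into rax, and rcx has to move to r10.
 */
static long raw_syscall6(long nr, long a1, long a2, long a3,
                         long a4, long a5, long a6)
{
#if defined(__x86_64__) && defined(__linux__)
    long ret;
    register long r10 __asm__("r10") = a4;
    register long r8  __asm__("r8")  = a5;
    register long r9  __asm__("r9")  = a6;
    __asm__ volatile ("syscall"
                      : "=a"(ret)
                      : "a"(nr), "D"(a1), "S"(a2), "d"(a3),
                        "r"(r10), "r"(r8), "r"(r9)
                      : "rcx", "r11", "memory");
    return ret;
#else
    /* Assumption for other targets: libc provides syscall(); translate its
     * -1/errno convention back into the kernel's -errno convention. */
    long r = syscall(nr, a1, a2, a3, a4, a5, a6);
    return r == -1 ? -errno : r;
#endif
}

/* The libc-style wrapper: this unsigned compare is the same test glibc does
 * with `cmp $0xfffffffffffff001,%rax; jae __syscall_error`. */
static long checked_syscall6(long nr, long a1, long a2, long a3,
                             long a4, long a5, long a6)
{
    long r = raw_syscall6(nr, a1, a2, a3, a4, a5, a6);
    if ((unsigned long)r >= (unsigned long)-4095L) {
        errno = (int)-r;
        return -1;
    }
    return r;
}

/* getpid via the raw instruction; must agree with libc's getpid(). */
static long raw_getpid(void)
{
    return raw_syscall6(SYS_getpid, 0, 0, 0, 0, 0, 0);
}

/* Writing to a bad descriptor: the raw form returns -EBADF, the checked
 * form returns -1 and sets errno, as a C caller expects. */
static long checked_write(int fd, const char *buf, size_t len)
{
    return checked_syscall6(SYS_write, fd, (long)buf, (long)len, 0, 0, 0);
}

/* Round-trip a constructed message through a pipe using only raw syscalls.
 * Returns 1 on success, 0 on any mismatch. */
static int pipe_roundtrip(void)
{
    int fds[2];
    char buf[32] = {0};
    const char msg[] = "raw syscall ok";   /* constructed sample input */
    if (pipe(fds) != 0)
        return 0;
    long w = raw_syscall6(SYS_write, fds[1], (long)msg, (long)(sizeof msg - 1), 0, 0, 0);
    long r = raw_syscall6(SYS_read, fds[0], (long)buf, (long)sizeof buf, 0, 0, 0);
    raw_syscall6(SYS_close, fds[0], 0, 0, 0, 0, 0);
    raw_syscall6(SYS_close, fds[1], 0, 0, 0, 0, 0);
    return w == (long)(sizeof msg - 1) && r == w && strcmp(buf, msg) == 0;
}

int main(void)
{
    long raw = raw_syscall6(SYS_write, -1, 0, 0, 0, 0, 0);
    long chk = checked_write(-1, "x", 1);
    int saved_errno = errno;
    printf("raw getpid = %ld, libc getpid = %ld\n", raw_getpid(), (long)getpid());
    printf("write to fd -1: raw = %ld, checked = %ld (errno %d)\n", raw, chk, saved_errno);
    printf("pipe round trip: %s\n", pipe_roundtrip() ? "ok" : "FAILED");
    return 0;
}
```

The clobber list is the part people most often get wrong when hand-rolling this: leaving out `rcx` and `r11` compiles fine and then corrupts whatever the compiler had cached in those registers, and omitting `"memory"` lets the compiler reorder loads and stores around a call that the kernel may have used to fill a buffer.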
