Definitive? Actually, it's not, and it is going to die.
fs and gs registers
For their use in TLS, see OSDev TLS.
In arch/x86/include/asm/percpu.h the per-CPU segment register is gs on 64-bit and fs on 32-bit (so on x86-64 user-space TLS keeps fs, and the kernel swaps its own gs base in with swapgs on entry):
#ifdef CONFIG_X86_64
#define __percpu_seg gs
#define __percpu_mov_op movq
#else
#define __percpu_seg fs
#define __percpu_mov_op movl
#endif
Steps to handle an interrupt
For logical-to-linear address translation, see Intel SDM vol. 3A, 3.4 Logical and Linear Addresses.
For the stack switch when the CPL is raised (e.g. ring 3 to ring 0 on an interrupt or trap), see SDM vol. 3A, 5.8.5 Stack Switching: the processor automatically picks the stack for the new privilege level from the TSS (ESPn/SSn in 32-bit mode, RSPn or an IST stack in 64-bit mode, n = new CPL).
For more detail on stack switching, see Figure 5-13, Stack Switching During an Interprivilege-Level Call.
For fast system calls, see vol. 3A, 5.8.7 Performing Fast Calls to System Procedures.
For the TSS and TR, see vol. 3A, 7.2.
For how Linux handles IRQs, see ULK 3rd ed., Chapter 4: Hardware Handling of Interrupts and Exceptions.
Common path for syscalls
glibc -> AT_SYSINFO -> __kernel_vsyscall -> sysenter / syscall / int 0x80 (32-bit processes; a 64-bit process executes syscall directly, there is no AT_SYSINFO)
Only for syscalls the vDSO implements in user space (clock_gettime, gettimeofday, ...):
glibc -> AT_SYSINFO_EHDR -> vDSO ELF -> vDSO function, usually without entering the kernel at all
The Definitive Guide to Linux System Calls
Measurements of system call performance and overhead
AMD vs Intel and syscall vs sysenter
System Call Optimization with the SYSENTER Instruction
Sysenter Based System Call Mechanism in Linux 2.6
Meltdown and Spectre
- save: the syscall instruction saves the return address (rip of the instruction after syscall) in rcx and rflags in r11; it does not save or switch rsp, the kernel entry code does that (swapgs, stash the user rsp, load the per-CPU kernel stack, push pt_regs)
next rip -> rcx, rflags -> r11
IA32_LSTAR -> rip (entry_SYSCALL_64 on Linux); IA32_STAR supplies the kernel cs/ss selectors and IA32_FMASK the rflags bits to clear on entry (e.g. IF)
64-bit long mode: syscall; check syscall_init
64-bit kernel with IA32 emulation (CONFIG_IA32_EMULATION), 32-bit process: sysenter, syscall (AMD only in compat mode), or int 0x80; check __kernel_vsyscall and def_idts
32-bit kernel: int 0x80, sysenter (Intel) and syscall (AMD); check entry_32.S
vDSO and vsyscall
On a 64-bit kernel built without CONFIG_IA32_EMULATION (no 32-bit compat), vector 0x80 has no user-callable (DPL 3) gate, so a 64-bit process that executes int 0x80 takes #GP and dies with SIGSEGV. The error code 0x402 in the log below is a selector error code: bit 1 set means the index refers to the IDT, and 0x402 >> 3 = 0x80 is the vector of the failed int. This is also why int 0x80 shellcode written for 32-bit does not work on such kernels:
[ 730.583700] traps: int80 general protection ip:4000c4 sp:7ffd84b59730 error:402 in int80[400000+1000]
Segmentation fault (core dumped)
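A parser for that log line, as an added example that is not part of the original notes: it extracts the faulting rip, rsp, the raw #GP error code and the mapping from a "traps:" line (the format the kernel's show_signal_msg emits), then decodes the error code as a selector error code (bit 0 = external event, bit 1 = IDT, bit 2 = LDT, bits 3 and up = index), so error:402 comes out as IDT vector 0x80. The sample input is the dmesg line above; the helper names are this example's own.

```c
// Added example, not from the original notes: decode the "traps:" line the
// kernel logs when a 64-bit process takes #GP on int 0x80 (no IA32 gate).
#include <stdio.h>
#include <string.h>

/* The dmesg line from the notes, used as the constructed sample input. */
static const char SAMPLE_TRAPS_LINE[] =
    "[  730.583700] traps: int80 general protection ip:4000c4 "
    "sp:7ffd84b59730 error:402 in int80[400000+1000]";

struct traps_info {
    char comm[32];                 /* task name */
    unsigned long ip, sp;          /* faulting rip and rsp */
    unsigned int error;            /* raw #GP error code */
    char map[32];                  /* mapping that contains ip */
    unsigned long map_start, map_len;
};

/* Parse one "traps: <comm> general protection ..." line. 1 on success. */
static int parse_traps_line(const char *line, struct traps_info *t)
{
    const char *p = strstr(line, "traps: ");
    if (!p)
        return 0;
    memset(t, 0, sizeof *t);
    return sscanf(p + 7,
                  "%31s general protection ip:%lx sp:%lx error:%x in %31[^[][%lx+%lx]",
                  t->comm, &t->ip, &t->sp, &t->error,
                  t->map, &t->map_start, &t->map_len) == 7;
}

/* Index field of a selector error code (bits 3 and up): the IDT vector
 * when the IDT bit is set, otherwise a GDT/LDT selector index. */
static unsigned int gp_error_index(unsigned int error) { return error >> 3; }

/* 1 if the error code refers to an IDT entry (bit 1), 0 for GDT/LDT. */
static int gp_error_is_idt(unsigned int error) { return (error >> 1) & 1; }

/* IDT vector the line faulted on, or -1 if it does not parse or the
 * error code does not refer to the IDT. */
static long traps_line_idt_vector(const char *line)
{
    struct traps_info t;
    if (!parse_traps_line(line, &t) || !gp_error_is_idt(t.error))
        return -1;
    return gp_error_index(t.error);
}

/* Offset of the faulting instruction inside its mapping (what you need to
 * find the instruction in a PIE's disassembly), or -1 if ip is outside. */
static long traps_line_map_offset(const char *line)
{
    struct traps_info t;
    if (!parse_traps_line(line, &t) || t.ip < t.map_start ||
        t.ip >= t.map_start + t.map_len)
        return -1;
    return (long)(t.ip - t.map_start);
}

int main(void)
{
    printf("fault references IDT vector %#lx, %#lx bytes into the mapping\n",
           (unsigned long)traps_line_idt_vector(SAMPLE_TRAPS_LINE),
           (unsigned long)traps_line_map_offset(SAMPLE_TRAPS_LINE));
    return 0;
}
```

A "traps:" line whose error code decodes to IDT vector 0x80 from a 64-bit binary is a reasonable thing to alert on: legitimate 64-bit code never uses int 0x80 on a compat-less kernel, so it usually means injected or mis-ported 32-bit shellcode.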
rcx and r10
Check x86_64 ABI: Linux conventions and
The syscall instruction uses rcx to hold the next rip (the return address) and r11 to hold rflags, so user space cannot pass an argument in either register.
entry_SYSCALL_64 accordingly pushes rcx as the saved rip (pt_regs->ip) on the kernel stack.
So r10 carries the 4th argument from user space: the kernel syscall ABI is rdi, rsi, rdx, r10, r8, r9, where the function-call ABI would have used rcx.
According to do_syscall_64, the dispatch is
regs->ax = sys_call_table[nr](regs);
(older kernels spelled the same mapping out as sys_call_table[nr](regs->di, regs->si, regs->dx, regs->r10, regs->r8, regs->r9)); the return value lands in rax.
x86-32 asmlinkage
By default gcc passes parameters on the stack for x86-32, so why is asmlinkage needed? Because the Linux kernel builds with -mregparm=3, which overrides that default and passes the first three integer arguments in eax, edx and ecx.
-mregparm=3 was enabled by: Shrinking the kernel with gcc
What is asmlinkage?
For C functions invoked from assembly code, the calling convention must be declared explicitly, because the parameter-passing code on the assembly side is fixed; on x86-32, asmlinkage expands to __attribute__((regparm(0))) (arch/x86/include/asm/linkage.h), which forces all arguments back onto the stack.
Show all predefined macros for your compiler