macOS 与 iOS 的系统调用



在 macOS 上,x86_64 进程通过 `syscall` 指令进入内核(调用号放在 rax 中,并带有类别前缀,见下文);32 位(i386)进程使用 `int 0x80`。

系统调用号(本文有时称作“中断号”,其实是 syscall number,与硬件中断向量无关)定义在 `<sys/syscall.h>` 中:`#include <sys/syscall.h>`。

syscall.h

#ifndef _SYS_SYSCALL_H_
#define	_SYS_SYSCALL_H_

#include <sys/appleapiopts.h>
#ifdef __APPLE_API_PRIVATE
/*
 * BSD (Unix-class) system call numbers.  These are the raw per-class
 * numbers; on x86_64 the class tag is OR'ed into the high bits before the
 * syscall instruction, so exit (1) is issued as 0x2000001.
 * NOTE: this is an excerpt only -- the real header continues past
 * SYS_wait4, and the #ifndef / #ifdef above are closed further down.
 */
#define	SYS_syscall        0
#define	SYS_exit           1	/* issued as 0x2000001 on x86_64 */
#define	SYS_fork           2
#define	SYS_read           3
#define	SYS_write          4
#define	SYS_open           5
#define	SYS_close          6
#define	SYS_wait4          7

系统调用按类别(class)分为几种,类别编号编码在调用号的高位(从第 24 位起),低位才是该类内部的调用号:

syscall_sw.h的定义

/*
 * System call classes.  The class is stored in the high bits of the
 * number handed to the kernel (shifted left by SYSCALL_CLASS_SHIFT, which
 * together with SYSCALL_NUMBER_MASK is defined elsewhere in this header
 * and not shown in this excerpt; the examples in this post use 1<<24 and
 * 2<<24, i.e. a shift of 24).  The low bits hold the per-class number.
 */
#define SYSCALL_CLASS_NONE	0	/* Invalid */
#define SYSCALL_CLASS_MACH	1	/* Mach traps, e.g. mach_msg_trap */
#define SYSCALL_CLASS_UNIX	2	/* Unix/BSD syscalls, e.g. exit */
#define SYSCALL_CLASS_MDEP	3	/* Machine-dependent */
#define SYSCALL_CLASS_DIAG	4	/* Diagnostics */
#define SYSCALL_CLASS_IPC	5	/* Mach IPC */

/*
 * Macros to simplify constructing syscall numbers.  Each one tags the
 * given per-class number with its class: the number is first masked to
 * the low bits (SYSCALL_NUMBER_MASK), then OR'ed with the class shifted
 * into the high bits.  For example SYSCALL_CONSTRUCT_UNIX(1) is the
 * value 0x2000001 that libsystem_kernel loads into rax for exit.
 */
#define SYSCALL_CONSTRUCT_MACH(syscall_number) \
			((SYSCALL_CLASS_MACH << SYSCALL_CLASS_SHIFT) | \
			 (SYSCALL_NUMBER_MASK & (syscall_number)))
#define SYSCALL_CONSTRUCT_UNIX(syscall_number) \
			((SYSCALL_CLASS_UNIX << SYSCALL_CLASS_SHIFT) | \
			 (SYSCALL_NUMBER_MASK & (syscall_number)))
#define SYSCALL_CONSTRUCT_MDEP(syscall_number) \
			((SYSCALL_CLASS_MDEP << SYSCALL_CLASS_SHIFT) | \
			 (SYSCALL_NUMBER_MASK & (syscall_number)))
#define SYSCALL_CONSTRUCT_DIAG(syscall_number) \
			((SYSCALL_CLASS_DIAG << SYSCALL_CLASS_SHIFT) | \
			 (SYSCALL_NUMBER_MASK & (syscall_number)))

对于 Mach trap,x86_64 上放入 rax 的调用号是:trap 号 | (1<<24),即 0x1000000 + trap 号(对应 SYSCALL_CONSTRUCT_MACH)。

对于 Unix/BSD 系统调用,放入 rax 的调用号是:调用号 | (2<<24),即 0x2000000 + 调用号(对应 SYSCALL_CONSTRUCT_UNIX)。

exit 的系统调用号是 1(SYS_exit),所以 x86_64 上调用时 rax = 0x2000000 | 1 = 0x2000001。

rdi 是 exit() 的第一个参数(退出码,下面快照中为 3)。x86_64 上系统调用参数依次放在 rdi、rsi、rdx、r10、r8、r9 中;由于 `syscall` 指令会覆盖 rcx,libsystem_kernel 的桩函数会先 `movq %rcx, %r10` 把第四个参数搬到 r10,这就是下面反汇编第一条指令的作用。另外注意:下面的反汇编标注为 mach_msg_trap,却把 rax 设为 0x2000001f(Unix 类、31 号);按上面的规则,trap 号为 31 的 mach_msg_trap 在 x86_64 上应为 0x100001f,此处疑为粘贴错误。而紧随其后的寄存器快照中 rax=0x2000001、rdi=3,对应的是 exit(3),与该反汇编并非同一次调用。

libsystem_kernel.dylib`mach_msg_trap:

0x7fff6bf982b0 <+0>: movq %rcx, %r10

0x7fff6bf982b3 <+3>: movl $0x2000001f, %eax ; imm = 0x2000001F

0x7fff6bf982b8 <+8>: syscall

-> 0x7fff6bf982ba <+10>: retq

0x7fff6bf982bb <+11>: nop

   rax = 0x0000000002000001
   rbx = 0x0000000000000003
   rcx = 0x0000000000000000
   rdx = 0x0000000000000000
   rdi = 0x0000000000000003
   rsi = 0x0000000000000000

arm64 上,调用号放在 x16,通过 `svc #0x80` 进入内核,参数从 x0 开始依次放在参数寄存器中(exit 只用 x0,快照中 x0 = 3)。注意 arm64 的类别编码与 x86_64 不同:Mach trap 用负数表示(下面 `mov x16, #-0x1f` 即 trap 号为 31 的 mach_msg_trap),BSD 系统调用用正数(快照中 x16 = 1、pc 停在 `__exit + 4`,即 exit),不再使用 0x1000000 / 0x2000000 这样的前缀。

libsystem_kernel.dylib`mach_msg_trap:

0x1b967855c <+0>: mov x16, #-0x1f

0x1b9678560 <+4>: svc #0x80

-> 0x1b9678564 <+8>: ret

    x0 = 0x0000000000000003
    x1 = 0x0000000000000000
    x2 = 0x00000000000120a8
    x3 = 0x00000001dc14d440  __sF + 304
    x4 = 0x000000018d8e9a08  libsystem_c.dylib`_none_wcrtomb
    x5 = 0x000000016f502db0
    x6 = 0x000000016f503140
    x7 = 0x0000000000000f60
    x8 = 0x0000000000000000
    x9 = 0x00000000dc14d4b7
   x10 = 0x0000000000000000
   x11 = 0x0000000000000002
   x12 = 0x0000000000000002
   x13 = 0x0000000000000000
   x14 = 0x0000000000000001
   x15 = 0x0000000000000002
   x16 = 0x0000000000000001
   x17 = 0x000000018d8dcd98  libsystem_c.dylib`_cleanup
   x18 = 0x0000000000000000
   x19 = 0x0000000000000003
   x20 = 0x0000000100e043b0
   x21 = 0x00000001d94d5000  UIKitCore`UIUserNotificationAction._parameters
   x22 = 0x0000000000000001
   x23 = 0x0000000000000000
   x24 = 0x000000002b870064
   x25 = 0x0000000000000000
   x26 = 0x00000001cd97ff71  
   x27 = 0x0000000000000010
   x28 = 0x00000001d94c1000  (void *)0x00000001dc1be1e0: _UIVisualEffectSubview
    fp = 0x000000016f502f10
    lr = 0x000000018d8de280  libsystem_c.dylib`signal__
    sp = 0x000000016f502f00
    pc = 0x00000001b93d9dac  libsystem_kernel.dylib`__exit + 4
  cpsr = 0x60000000

https://github.com/apple/darwin-xnu/blob/main/osfmk/mach/syscall_sw.h

https://opensource.apple.com/source/xnu/xnu-1504.3.12/bsd/kern/syscalls.master

https://www.bilibili.com/read/cv9033324

https://opensource.apple.com/source/xnu/xnu-4570.1.46/osfmk/mach/i386/syscall_sw.h.auto.html



版权声明:本文为gph66原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。