Noa Kirel
Reputation: 63
Why do MacOS use absolute memory locations for system calls?
I've seen examples of Hello World program in Assembly, one in MacOS and the other in Linux. But the difference between them is that MacOS uses absolute memory location for system calls and Linux doesn't. Why is that? Why MacOS can't just use 1 or whatever number the kernel uses for system call write?
; MacOS
mov rax, 0x02000004 ; system call for write
; Linux
mov rax, 1 ; system call for write
Upvotes: 0
Views: 411
Answers (1)
phuclv
Reputation: 41932
Why do you think it's an absolute memory location? The syscall number is defined in syscalls.master and the number for write is 4
4 AUE_NULL ALL { user_ssize_t write(int fd, user_addr_t cbuf, user_size_t nbyte); }
However you also need to add some magic number to it because syscalls are grouped into partitions
#define SYSCALL_CLASS_NONE 0 /* Invalid */
#define SYSCALL_CLASS_MACH 1 /* Mach */
#define SYSCALL_CLASS_UNIX 2 /* Unix/BSD */
#define SYSCALL_CLASS_MDEP 3 /* Machine-dependent */
#define SYSCALL_CLASS_DIAG 4 /* Diagnostics */
The number for Unix/BSD is 2 so the number for write would be (SYSCALL_CLASS_UNIX << 24) + 4 which is equal to 0x02000004
Upvotes: 4
Related Questions
- Why do system calls use a different stack?
- When does Linux x86-64 syscall clobber %r8, %r9 and %r10?
- libc syscall(), benefits from passing call number?
- Assembly: Purpose of loading the effective address before a call to a function?
- How to properly pass buffer pointers to Linux system calls in x86_64 assembly?
- Why does the Linux Open system call not need a buffer size parameter for the path?
- Position of Memory parameters on the Stack x86_64 gcc
- x86 linux system call calling convention?
- Why is a function executed from the same memory address each time?
- Assembly and System Calls