If a program running in user mode needs access to RAM or a hardware resource, it must ask the kernel to provide access to that resource. This is done through what operating systems call a system call. While a program is making a system call, the mode switches from user mode to kernel mode; this is called context switching.
A system call is the way programs communicate with the operating system. System calls give user programs access to operating system resources through an Application Program Interface (API), which provides an interface between a process and the operating system and allows user-level processes to request operating system services. The API defines a set of functions available to the application programmer, including the parameters passed to each function and the return values the programmer can expect.
System calls share most of the same interrupt and exception mechanism for switching between user and kernel mode. The kernel must execute its system calls in a manner that protects itself from any errors and attacks that could be caused by interface misuse.
A pair of stubs is two short procedures that mediate between two contexts, in this case between the user program and the kernel. The user program calls the user stub in the usual way, unaware that the routine is actually implemented in the kernel. The user stub executes the trap instruction. The hardware transfers control to the kernel, vectoring to the system call handler. On the kernel side the handler serves as a stub, calling the routine's implementation in the kernel. The operating system provides a library routine for each system call. This library routine takes its arguments, reformats them according to the calling convention specified by the operating system kernel, and executes a trap instruction.
The kernel stub has the following tasks:
- Locate system call arguments:
Any address supplied to a system call by a user program must be checked (to verify that it is a valid address within the user domain) and translated to a physical address that the kernel may use to access the memory.
- Validate parameters:
Typically a file name would be a zero-terminated string, but the kernel can’t trust the user code to always function properly. The file name may be corrupted, it may point to memory beyond the region of the application or it may start within the memory region of the application but expand beyond it. The application may not be able to access the file, and so on. If an error is found, the kernel returns an error to the user program; otherwise the kernel must perform the operation on behalf of the client.
- Copy before check:
The problem occurs when the program can change the user memory holding a system call parameter (such as the name of a file) after the check is performed, but before the parameter is used in the actual routine implementation. This is called “Time of Check vs. Time of Use”, or TOCTOU. Although a process can appear to stop when it makes a system call, this may be misleading.
- Copy back any results:
When the system call reads data into a user memory buffer, the stub would need to copy the data from the kernel buffer into user memory to allow the program to access it. Again, the user address needs to be checked first by the kernel and converted to a kernel address before use.
When the system call is completed, it returns to the stub, which returns to the call handler. At this stage the stub takes steps to transfer the results of the system call back to the user process.
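The copy-before-check rule and the file-name validation described above, as an added example that is not part of the original page: a user-space C simulation in which `user_mem`, `name_allowed`, the `/tmp/` policy and the sample paths are constructed for illustration. It places a stub that checks the name in user memory and then reads it again beside one that copies the name once into a private buffer and works only on that copy.

```c
#include <stdio.h>
#include <string.h>
#define NAME_CAP 32
static char user_mem[NAME_CAP];      /* constructed stand-in for user memory */

/* Hypothetical policy: the caller may only open names under /tmp/. */
static int name_allowed(const char *name) {
    return strncmp(name, "/tmp/", 5) == 0;
}

/* Stands in for a second user thread rewriting the argument mid-call. */
static void concurrent_user_write(void) {
    strcpy(user_mem, "/private/data");
}

/* Single-pass bounded copy; -1 if no terminator within cap bytes. */
static int copy_name_from_user(char *dst, const char *usrc, size_t cap) {
    for (size_t i = 0; i < cap; i++)
        if ((dst[i] = usrc[i]) == '\0') return (int)i;
    return -1;
}

/* Flawed stub: checks user memory, then reads it again to use it. */
static int stub_check_then_use(const char *uptr, char *used) {
    if (!name_allowed(uptr)) return -1;          /* time of check */
    concurrent_user_write();                     /* user memory changes */
    return copy_name_from_user(used, uptr, NAME_CAP) < 0 ? -1 : 0; /* time of use */
}

/* Hardened stub: copy once, then check and use only the private copy. */
static int stub_copy_then_check(const char *uptr, char *used) {
    char kbuf[NAME_CAP];
    if (copy_name_from_user(kbuf, uptr, NAME_CAP) < 0) return -1;
    if (!name_allowed(kbuf)) return -1;
    concurrent_user_write();                     /* too late to matter */
    strcpy(used, kbuf);
    return 0;
}

/* 1 if the name the stub finally used passes the policy, 0 if not, -1 on error. */
static int used_name_is_allowed(int (*stub)(const char *, char *)) {
    char used[NAME_CAP] = "";
    strcpy(user_mem, "/tmp/report.txt");         /* constructed sample argument */
    if (stub(user_mem, used) != 0) return -1;
    return name_allowed(used);
}

int main(void) {
    printf("check-then-use: %d, copy-then-check: %d\n",
           used_name_is_allowed(stub_check_then_use), used_name_is_allowed(stub_copy_then_check));
}
```

The bounded copy reads each byte of the argument exactly once, so the length and contents the stub validates are the ones it later uses, and a name with no terminator inside the limit is rejected instead of being read past the buffer.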
Types of System Calls:
There are five types of system calls, as follows:
- Process Management or Process Control
- File Management
- Device Management
- Information Maintenance
Process management system calls deal with processes, for example process creation and process termination. They include end, abort, wait, signal event, create, terminate, and allocate and free memory. A running process must be able to stop execution either normally or abnormally. If execution is abnormally interrupted, a memory dump is always taken and can be examined with a debugger.
CreateProcess() ExitProcess() WaitForSingleObject() (WINDOWS)
fork() exit() wait() (LINUX)
File management system calls handle file manipulation jobs such as creating, reading and writing a file. They also include deleting, repositioning, opening and closing a file, as well as functions to get and set file attributes.
CreateFile() ReadFile() WriteFile() CloseHandle() (WINDOWS)
open() read() write() close() (LINUX)