I am using a Xen installation, paravirtualized 64 bit kernel.
From what I have seen, to make the system call in x86, you essentially put the syscall number in eax, then, int 0x80.
For amd64, I am reading that "syscall" is used.
Using gdb, I discovered that the function syscall(syscall_number) puts syscall_number in %edi, then 0 into eax.
I also notice that the return value is in eax.
Therefore, am I correct in believing that the following would work to implement the system call via asm?
mov syscall_number, %edi
mov 0x0, %eax
syscall
mov %eax, return value.
Unfortunately, when I view the asm output of what the C function syscall() does, it is a call to the function:
0x000000000040052d <main+25>: callq 0x400440 <syscall@plt>
And, disassembling the function:
(gdb) disassemble syscall
Dump of assembler code for function syscall:
0x000000000040cb20 <syscall+0>: mov %rdi,%rax
0x000000000040cb23 <syscall+3>: mov %rsi,%rdi
0x000000000040cb26 <syscall+6>: mov %rdx,%rsi
0x000000000040cb29 <syscall+9>: mov %rcx,%rdx
0x000000000040cb2c <syscall+12>: mov %r8,%r10
0x000000000040cb2f <syscall+15>: mov %r9,%r8
0x000000000040cb32 <syscall+18>: mov 0x8(%rsp),%r9
0x000000000040cb37 <syscall+23>: syscall
0x000000000040cb39 <syscall+25>: cmp $0xfffffffffffff001,%rax
0x000000000040cb3f <syscall+31>: jae 0x40e0c0 <__syscall_error>
0x000000000040cb45 <syscall+37>: retq
So, the above is showing me that syscall is in fact called after the register values have again been changed, and rdi, having contained the value of the syscall number, is moved into rax.
Essentially, I am wanting to know what the assembly requirements are for calling the syscall opcode.
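Added example, not part of the question or any answer: a small C wrapper around the raw `syscall` instruction that follows exactly the register shuffle the glibc disassembly above shows (number in rax, arguments in rdi, rsi, rdx, r10, r8, r9, result in rax), together with the same `-4095` error check that `cmp`/`jae __syscall_error` performs. The function names `raw_syscall6`, `raw_syscall3` and `raw_is_error` are my own; the non-x86-64 fallback is an assumption added so the file compiles elsewhere.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>
/* Raw Linux x86-64 system call with the convention seen in the glibc
 * disassembly: number in rax, args in rdi, rsi, rdx, r10, r8, r9;
 * the kernel clobbers rcx and r11 and returns the result in rax. */
static long raw_syscall6(long nr, long a1, long a2, long a3,
                         long a4, long a5, long a6)
{
#if defined(__x86_64__) && defined(__linux__)
    long ret;
    register long r10 __asm__("r10") = a4;
    register long r8  __asm__("r8")  = a5;
    register long r9  __asm__("r9")  = a6;
    __asm__ volatile ("syscall"
                      : "=a"(ret)
                      : "a"(nr), "D"(a1), "S"(a2), "d"(a3),
                        "r"(r10), "r"(r8), "r"(r9)
                      : "rcx", "r11", "memory");
    return ret;
#else
    /* Assumption: elsewhere fall back to libc and restore the -errno form. */
    long r = syscall(nr, a1, a2, a3, a4, a5, a6);
    return r == -1 ? -errno : r;
#endif
}
/* Failure comes back as -errno in rax, which is what glibc's
 * cmp $0xfffffffffffff001 (-4095) / jae __syscall_error pair tests. */
static int raw_is_error(long r)
{
    return (unsigned long)r >= (unsigned long)-4095L;
}
/* The conversion __syscall_error performs: -errno -> (-1, errno). */
static long raw_syscall3(long nr, long a1, long a2, long a3)
{
    long r = raw_syscall6(nr, a1, a2, a3, 0, 0, 0);
    if (raw_is_error(r)) {
        errno = (int)-r;
        return -1;
    }
    return r;
}
int main(void)
{
    printf("raw getpid=%ld libc getpid=%ld\n",
           raw_syscall3(SYS_getpid, 0, 0, 0), (long)getpid());
    return 0;
}
```

Note that the wrapper also declares rcx and r11 as clobbered: the kernel overwrites them with the return address and saved flags, which a hand-written `syscall` sequence must account for just as much as the argument registers.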