News AI
July 20th, 2024

A Linux kernel syscall implementation tracker

The website provides detailed information on Linux syscall tables, covering architecture, kernel version, JSON table, kernel config, analysis log, and source. Attributes include signature, number, name, symbol, and definition location. Powered by Systrack v, copyrighted by Marco Bonelli under GNU GPL v3.0 for 2023-2024.

Read original articleLink Icon
ThanksInformationTool
A Linux kernel syscall implementation tracker

The website contains information about Linux syscall tables, including details about the architecture, kernel version, and components like the JSON table, kernel config, analysis log, and website source. It also lists attributes such as signature, number, name, symbol, and definition location related to the syscall tables. The content is powered by Systrack v and copyrighted by Marco Bonelli under the GNU General Public License v3.0 for the years 2023-2024.

Related

Its the users fault: this is what is wrong with systemd

Its the users fault: this is what is wrong with systemd

The GitHub URL "https://github.com/systemd/systemd" provides licensing details for the systemd project. Contact for additional information or support.

Htop explained – everything you can see in htop on Linux (2019)

Htop explained – everything you can see in htop on Linux (2019)

This article explains htop, a Linux system monitoring tool. It covers uptime, load average, processes, memory usage, and more. It details htop's display, load averages, process IDs, procfs, and process tree structure. Practical examples are provided for system analysis.

CVE-2021-4440: A Linux CNA Case Study

CVE-2021-4440: A Linux CNA Case Study

The Linux CNA mishandled CVE-2021-4440 in the 5.10 LTS kernel, causing information leakage and KASLR defeats. The issue affected Debian Bullseye and SUSE's 5.3.18 kernel, resolved in version 5.10.218.

Optimizing the Lichess Tablebase Server

Optimizing the Lichess Tablebase Server

The blog post details optimizations for a Syzygy tablebase server on lichess.org, addressing RAID challenges with dm-integrity on LVM. Improved hardware, RAID 5, pread usage, SSD caching, and parallel reads enhance performance.

Exploring Novel File System Objects for Data-Only Attacks on Linux Systems

Exploring Novel File System Objects for Data-Only Attacks on Linux Systems

The study explores data-only attacks on Linux systems, identifying critical file system objects for exploitation without requiring Kernel Address Space Layout Randomization. It presents novel exploit strategies and evaluates them against real-world vulnerabilities.

AI: What people are saying
The article on Linux syscall tables receives positive feedback and sparks discussions on related tools and issues.
  • Many users express gratitude and appreciation for the comprehensive and detailed information provided.
  • Some users mention similar tools and resources, such as Cosmopolitan libc, and express interest in additional features like kernel exports.
  • There are technical discussions about syscall numbers, missing architectures like RISC-V, and the completeness of the syscall list.
  • Users share their experiences and challenges with existing tools and how this new resource could have been helpful in past projects.
  • Technical issues with website functionality, particularly related to JavaScript and browser compatibility, are noted by some users.
Link Icon 18 comments
By @xelxebar - 7 months
Okay, this is super cool. Thanks for sharing.

In a similar vein, jart's Cosmopolitan libc has a really fun collection of tables that compare various constants across platforms, e.g. syscalls, syscall flags, error numbers, etc. It includes (variants of) Linux, XNU, NT, and the BSDs.

https://github.com/jart/cosmopolitan/blob/master/libc/sysv/c...

In the off chance you haven't heard of Cosmopolitan yet, I hope you find the discovery as much fun as I have.

By @qbane - 7 months
I wish this site could have existed earlier when I was writing eBPF filters for my sandbox and had to check how specific syscalls were implemented in different archs here and there. Thanks for your great work.
By @matheusmoreira - 7 months
This is SUCH a good tool! Thank you!!

I've been using other tables but they were always incomplete and often x86_64 only. This one contains everything: number, symbol, links to kernel implementation, signature, user space ABI registers. And I can select kernel version, kernel binary interface and processor architecture!

I'm very interested in how you are collecting or generating all this information. Please post details on the process. I need similar information in order to compile system call tables into lone, my own programming language which features direct Linux system call support.

I use scripts that parse the information out of Linux user space API headers: the compiler prints all the preprocessor definitions from linux/unistd.h, the "SYS_" definitions are selected and then turned into a C array initializer for a number/name structure.

  # makefile
  $(call source_to_object,source/lone/lisp/modules/intrinsic/linux.c): $(targets.NR.c)

  $(targets.NR.c): $(targets.NR.list) scripts/NR.generate
      scripts/NR.generate < $< > $@

  $(targets.NR.list): scripts/NR.filter
      $(CC) -E -dM -include linux/unistd.h - < /dev/null | scripts/NR.filter > $@

  # scripts/NR.filter
  grep __NR_ | sed 's/#define //g' | cut -d ' ' -f 1

  # scripts/NR.generate
  # generates C array initializers like:
  #     { "read", __NR_read },
  while read -r NR; do
    printf '{ "%s", %s },\n' "${NR#__NR_}" "${NR}"
  done

  // source/lone/lisp/modules/intrinsic/linux.c

  static struct linux_system_call {
      char *symbol;
      lone_lisp_integer number;
  } linux_system_calls[] = {

      /* huge generated array initializer
       * with all the system calls found
       * on the host platform
       */
      #include <lone/lisp/modules/intrinsic/linux/NR.c>
  };
By @Neywiny - 7 months
This is good. Usually I end up finding one I think Google made for Chromebooks. Or even worse, restoring to the man page.
By @MBCook - 7 months
Is there a reason syscall numbers don’t match up between architectures?

Or is it just a quirk of history?

By @netr0ute - 7 months
Missing RISC-V
By @saagarjha - 7 months
This is neat! Finally someone who added all the information I need :)
By @extraduder_ire - 7 months
Only 357 syscalls in 6.0. Don't know why, but I thought there would be more.
By @greenpenguin - 7 months
There's a few of these floating around that are generally missing something - recent syscalls, types, etc. Thank you for such a complete one!
By @lsofzz - 7 months
Thanks! This is great. If you ever need extra housing for this, I would be glad to provide it.
By @davidfiala - 7 months
I've wished for a complete version like this for so long. Great work. Thank you!
By @nubinetwork - 7 months
Can you make one for kernel exports and list whether they are GPL-only or not?
By @pastapoggers - 7 months
similarly, does a Windows syscall tracker exist?
By @jeffrallen - 7 months
From this I learned about Landlock, thanks!
By @wg0 - 7 months
What API is the most common for x86-64bit?
By @xurukefi - 7 months
removed
By @foresto - 7 months
That's handy.

I wonder why it displays without javascript in chromium, but fails to do so in firefox. If the author is here, could that be fixed?

Edit:

Restarting chromium and trying again yields the same behavior as firefox. I wonder if the javascript somehow slipped past umatrix & ublock origin on my first try. Given that I launched chromium by dragging the link onto its icon the first time, perhaps the script-blocking extensions weren't fully loaded?

Testing again several more times, that does seem likely. I can reproduce it intermittently by dragging the URL onto my chromium shortcut if chromium isn't already running.

Edit 2: Sure enough:

https://github.com/gorhill/uBlock/issues/1913

https://github.com/gorhill/uBlock/issues/1327