System Call in Linux

A system call is a service provided by the Linux kernel. The functions which change the execution mode of the program from user mode to kernel mode are known as system calls. These calls are required in case some services are required by the program from the kernel. For example, if we want to change the date and time of the system or if we want to create a network socket then these services can only be provided by the kernel and hence these cases require system calls. For example, socket() is a system call.

System calls act as entry points to the OS kernel. There are certain tasks that can only be done if a process is running in kernel mode. Examples of these tasks can be interacting with hardware etc. So if a process wants to do such kind of task then it would require Itself to be running in kernel mode which is made possible by system calls.

The fork() System Call

The fork () system call creates an almost exact copy of the current process. Both the parent and the child will execute the code following the fork() An “if” conditional normally follows the fork to allow different behavior in the parent and child processes.

#include <unistd.h>
pid_t fork(void);
pid_t vfork(void);

If the return value is positive, you are executing in the parent process and the value is the PID of the child. If the return value is 0, you are in the child. If the value is negative, something went wrong and you need to check errno. Under Linux, vfork() is the same as fork().

The exec() Family

The execve() system call replaces the current process with the program specified by filename, using the argument list argv and the environment envp. If the call to execve() returns, an error obviously occurred and errno will have the cause.

#include <unistd.h>
int execve (const char *filename, char *const argv [],
char * const envp []);
extern char ** environ;
int execl (const char*path, const char *arg,…, NULL);
int exceclp(const char *file, const char *arg,…, NULL);
int execle(const char*path, const char *arg,…,
NULL, char * const envp []);
int execv (const char *path, char *const argv []);
int execvp (const char * file, char *const argv []);

The library functions execl(), execlp(), execle(), execv(), and execvp() are simply convenience functions that allow specifying the arguments in a different way, using the current environment instead of a new environment, and/or search the current path for the executable.

The system() and popen() Functions

For lazy programmers, the system() and popen() functions exist. These functions must not be used in any security-sensitive program.

#include <stdlib.h>
int system (const char * string);

#include <stdio.h>

FILE *popen(const char *command, const char *type);
int pclose(FILE *stream);

These functions fork() and then exec() the user’s login shell that locates the command and parses its arguments. They use one of the wait() family of functions to wait for the child process to terminate. The popen() function is similar to system(), except it also calls pipe() and creates a pipe to the standard input or from the standard output of the program, but not both. The second argument, type, is “r” to read piped stdout or “w” to write to stdin.

The wait(), waitpid(), wait3(), and wait4() System Calls

These system calls are used to wait for a change of state in a particular process, any member of a process group, or any child process.

#include <sys/types.h>
#include <sys/wait.h>
pid_t wait(int *status)
pid_t waitpid(pid_t pid, int *status, int options);

define _USE_BSD

#include <sys/types.h>
#include <sys/resource.h>
#include <sys/wait.h>

pid_t wait3(int *status, int options, struct rusage *rusage)
pid_t wait4(pid_t pid, int status, int options, struct rusage *rusage)

The wait() call waits for any child process. The waitdpid() call waits for a specific process. The BSD-style wait3() and wait4() calls are equivalent to wait() and waitpid(), respectively, but also return the resource usage of the child process into the struct pointed to by the argument rusage.