I recently went through Understanding the Linux Kernel to get an idea of how system calls and interrupts function on an x86-based machine.
However, the level of detail has left me slightly confused. Here's what I understand.
System call process:
User mode:
User code calls a library function -> library function involves making a system call -> the int 0x80 instruction is executed, causing a transfer to kernel mode
Kernel mode:
The dispatch table is looked up for validity of the system call no. passed via the eax register and, if valid, the remaining registers are backed up onto the kernel mode stack -> the system call routine calls the actual system call service routine.
Interrupt handling:
The interrupt vector is used to index into the IDT and the segment selector is retrieved after suitable privilege checks -> after backing up registers, CS:EIP is obtained from the contents of the gate descriptor and control jumps to the 1st instruction of the handler.
What I am not able to wrap my head around is how the above two (system call and interrupt handling) tie in or overlap.
What I think happens is:
USER MODE | Kernel mode
User code->API->wrapper(0x80) -> Interrupt handling-> System call lookup(dispatch table)->System call routine.
Could someone help confirm / correct my understanding?
P.S. The main area where I am fuzzy is what happens once the wrapper routine in the library does the system call. What location does the interrupt handler point to? And how is the system call no. used after it is put in EAX?
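The chain the question sketches (wrapper loads eax, executes int 0x80, the IDT gate for vector 0x80 selects the system_call entry code, which bounds-checks eax and indexes sys_call_table) can be modelled in userspace. The following is an added, constructed C simulation written for this answer page; it is not kernel code, and the table names (idt, system_call, sys_call_table), the toy service routines and the syscall numbers are all assumptions chosen for illustration. It keeps the two defensive points a kernel must get right: an unsigned bounds check before indexing the table, and the wrapper's translation of a negative eax into -1 plus errno.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the 32-bit x86 Linux int 0x80 path (not kernel code).
 * Names mirror the kernel's, bodies are toy stand-ins. */

#define SYSCALL_VECTOR 0x80
#define NR_SYSCALLS    4          /* assumed table size for the model */

/* Register frame the entry code saves on the kernel-mode stack.
 * eax carries the syscall number in and the return value out. */
struct pt_regs {
    uint32_t eax, ebx, ecx, edx;
};

typedef void (*idt_handler_t)(struct pt_regs *regs);
typedef int  (*syscall_fn_t)(struct pt_regs *regs);

/* Toy service routines, indexed by the number passed in eax. */
static int sys_ni_syscall(struct pt_regs *r) { (void)r; return -ENOSYS; }
static int sys_getpid(struct pt_regs *r)     { (void)r; return 4242; }
static int sys_add(struct pt_regs *r)        { return (int)(r->ebx + r->ecx); }

/* The dispatch table: slot n is the service routine for syscall number n. */
static const syscall_fn_t sys_call_table[NR_SYSCALLS] = {
    [0] = sys_ni_syscall,
    [1] = sys_getpid,
    [2] = sys_add,
    [3] = sys_ni_syscall,
};

/* The handler the IDT gate for vector 0x80 points at (kernel: system_call).
 * The unsigned compare rejects negative numbers as well as large ones,
 * so a bad eax can never index outside the table. */
static void system_call(struct pt_regs *regs)
{
    if (regs->eax >= NR_SYSCALLS) {
        regs->eax = (uint32_t)-ENOSYS;
        return;
    }
    regs->eax = (uint32_t)sys_call_table[regs->eax](regs);
}

/* Any other vector in this model is an unexpected trap. */
static void unexpected_trap(struct pt_regs *regs) { regs->eax = (uint32_t)-EFAULT; }

/* Toy IDT: 256 gates, only 0x80 routes to system_call. */
static idt_handler_t idt[256];

static void setup_idt(void)
{
    for (int v = 0; v < 256; v++)
        idt[v] = unexpected_trap;
    idt[SYSCALL_VECTOR] = system_call;
}

/* The CPU's side of `int N`: privilege checks and register save are
 * assumed done; look up gate N and jump to its handler. */
static void do_int(int vector, struct pt_regs *regs)
{
    idt[vector & 0xff](regs);
}

/* The libc wrapper's side: load eax/ebx/ecx, execute int 0x80, then
 * convert a kernel error (-4095..-1 in eax) into -1 and errno. */
int libc_wrapper(uint32_t nr, uint32_t arg1, uint32_t arg2)
{
    setup_idt();
    struct pt_regs regs = { .eax = nr, .ebx = arg1, .ecx = arg2 };
    do_int(SYSCALL_VECTOR, &regs);
    if (regs.eax >= (uint32_t)-4095) {   /* same test glibc uses */
        errno = -(int)regs.eax;
        return -1;
    }
    return (int)regs.eax;
}

int main(void)
{
    printf("getpid via 0x80     -> %d\n", libc_wrapper(1, 0, 0));
    printf("add(20, 22) via 0x80 -> %d\n", libc_wrapper(2, 20, 22));
    int r = libc_wrapper(99, 0, 0);
    printf("bad number 99       -> %d, errno=%d (ENOSYS=%d)\n", r, errno, ENOSYS);
    return 0;
}
```

The answer to "what location does the interrupt handler point to" is, in this model, idt[0x80]: that single gate sends every int 0x80 to system_call, and only there does eax get used, first as a bounds-checked index and then as the return slot. Everything after the gate is ordinary kernel code; the interrupt machinery's only job is the privileged mode switch and the jump.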