Linux Kernel Architecture

(Jacob Rumans) #1

Chapter 13: System Calls


❑ mmap, mmap2, munmap, and mremap perform mapping, unmapping, and remapping operations, while mprotect and madvise control access to and give advice about specific regions of virtual memory.
mmap and mmap2 differ slightly by their parameters; refer to the manual pages for more details. The GNU C library uses mmap2 by default; mmap is just a userland wrapper function by now.
Depending on the malloc implementation, it can also be that mmap or mmap2 is used internally. This works because anonymous mappings allow installing mappings that are not backed by a file. This approach allows for achieving more flexibility than by using brk.
❑ swapon and swapoff enable and disable (additional) swap space on external storage devices.
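The anonymous-mapping and mprotect behaviour described above, as an added example that is not from the book: it installs a file-less mapping the way an allocator might, fills it, then drops write access and reads the resulting permissions back from /proc/self/maps. The helper names region_perms and make_sealed_region and the sample string are hypothetical.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical helper: copy the permission field ("rw-p", "r--p", ...) of the
 * mapping containing addr out of /proc/self/maps. Returns 0 on success. */
int region_perms(const void *addr, char out[5])
{
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512], perms[5];
    unsigned long lo, hi, a = (unsigned long)addr;
    int rc = -1;
    if (!f) return -1;
    while (rc != 0 && fgets(line, sizeof line, f)) {
        /* Each line starts with "start-end perms ..." in hexadecimal. */
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) == 3 && a >= lo && a < hi) {
            memcpy(out, perms, sizeof perms);
            rc = 0;
        }
    }
    fclose(f);
    return rc;
}

/* Hypothetical helper: create an anonymous (not file-backed) mapping, copy data
 * into it, then make it read-only; before/after receive the permission strings. */
void *make_sealed_region(const char *data, size_t len, char before[5], char after[5])
{
    void *p;
    if (strlen(data) >= len) return NULL;          /* data plus NUL must fit */
    p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return NULL;
    strcpy(p, data);
    if (region_perms(p, before) || mprotect(p, len, PROT_READ) || region_perms(p, after)) {
        munmap(p, len);
        return NULL;
    }
    return p;                                       /* caller unmaps with munmap */
}

int main(void)
{
    char before[5], after[5];
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    char *p = make_sealed_region("constructed sample data", len, before, after);
    if (!p) return 1;
    printf("%s -> %s: %s\n", before, after, p);
    return munmap(p, len) != 0;
}
```

After the mprotect call, any later write to the region raises SIGSEGV, which is why this pattern suits data that must not change after initialization.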

Interprocess Communication and Network Functions

Because "IPC and networks" are complex issues, it would be easy to assume that a rich selection of system calls is available. As Chapters 12 and 5 show, however, the opposite is true. Only two system calls are provided to handle all possible tasks. However, a very large number of parameters is involved. The C standard library spreads them over many different functions with just a few parameters so that they are easier for programmers to handle. Ultimately, the functions are always based on the two system calls:
❑ socketcall deals with network questions and is used to implement socket abstraction. It manages connections and protocols of all kinds and implements a total of 17 different functions differentiated by means of constants such as SYS_ACCEPT, SYS_SENDTO, and so on. The arguments themselves must be passed as a pointer that, depending on function type, points to a userspace structure holding the required data.
❑ ipc is the counterpart to socketcall and is used for process connections local to the computer and not for connections established via networks. Because this system call need implement "only" 11 different functions, it uses a fixed number of arguments — five in all — to transfer data from userspace to kernel space.


System Information and Settings

It is often necessary to query information on the running kernel and its configuration and on the system configuration. Similarly, kernel parameters need to be set and information must be saved to system log files. The kernel provides three further system calls to perform such tasks:
❑ syslog writes messages to the system logs and permits the assignment of different priorities (depending on message priority, userspace tools send the messages either to a permanent log file or directly to the console to inform users of critical situations).
❑ sysinfo returns information on the state of the system, particularly statistics on memory usage (RAM, buffer, swap space).
❑ sysctl is used to "fine-tune" kernel parameters. The kernel now supports an immense number of dynamically configurable options that can be read and modified using the proc filesystem, as described in Chapter 10.


System Security and Capabilities

The traditional Unix security model — based on users, groups, and an "omnipotent" root user — is not flexible enough for modern needs. This has led to the introduction of the capabilities system, which enables non-root processes to be furnished with additional privileges and capabilities according to a fine-grained scheme.
