10

I wonder if there some syscall table for Linux ARM64 architecture? I found syscall table for Linux ARM32 and many other architectures, but the problem still exists.

Does anyone know where can I find a syscall table exactly for ARM64?

perror
  • 19,083
  • 29
  • 87
  • 150
merrychap
  • 103
  • 1
  • 1
  • 8

2 Answers2

13

arm64 syscall numbers are defined at: https://github.com/torvalds/linux/blob/v4.17/include/uapi/asm-generic/unistd.h

This is a bit confusing since it is quite different from x86 and x86_64 and arm 32-bit which define syscall numbers under arch/, e.g. arch/arm/tools/syscall.tbl for arm 32-bit, but the arm64 file has a comment saying:

New architectures should use this file and implement the less feature-full calls in user space.

so I'm guessing that it is just because aarch64 is new and used a newer more arch agnostic mechanism, while the old ones can never break userland compatibility and thus cannot be updated to the new mechanism.

This is corroborated by the following minimal runnable aarch64 assembly Linux call example that works on QEMU and uses 64 for write and 93 for exit:

main.S

.text
.global _start
_start:
    /* write */
    mov x0, #1
    ldr x1, =msg
    ldr x2, =len
    mov x8, #64
    svc #0

/* exit */
mov x0, #0
mov x8, #93
svc #0



msg:
    .ascii "hello world\n"
len = . - msg

GitHub upstream.

Assemble and run:

aarch64-linux-gnu-as -o main.o main.S
aarch64-linux-gnu-ld -o main.out main.o
qemu-aarch64 main.out

Tested in Ubuntu 16.04 amd64.

strace source code

This is a good place to easily cheat to check the syscall numbers, see: https://unix.stackexchange.com/questions/421750/where-do-you-find-the-syscall-table-for-linux/499016#499016

It also confirms what I said about newer archs seeming to have unified call numbers.

Ciro Santilli OurBigBook.com
  • 784
  • 7
  • 10
9

Update: See this answer for up-to-date information on where ARM64 syscall definitions are found. Note that the information below may just be for backwards-compatibility.

See arch/arm64/include/asm/unistd32.h:

 ...
 #define __NR_restart_syscall 0
 __SYSCALL(__NR_restart_syscall, sys_restart_syscall)
 #define __NR_exit 1
 __SYSCALL(__NR_exit, sys_exit)
 #define __NR_fork 2
 __SYSCALL(__NR_fork, sys_fork)
 #define __NR_read 3
 __SYSCALL(__NR_read, sys_read)
 #define __NR_write 4
 __SYSCALL(__NR_write, sys_write)
 #define __NR_open 5
 __SYSCALL(__NR_open, compat_sys_open)
 #define __NR_close 6
 __SYSCALL(__NR_close, sys_close)
            /* 7 was sys_waitpid */
 __SYSCALL(7, sys_ni_syscall)
 #define __NR_creat 8
 __SYSCALL(__NR_creat, sys_creat)
 ...

You'll also find a few AArch64-specific syscalls in arch/arm64/include/asm/unistd.h.

tonysdg
  • 191
  • 1
  • 6
  • I think the truly interesting file for arm64 is include/uapi/asm-generic/unistd.h: https://reverseengineering.stackexchange.com/a/18834/12321 – Ciro Santilli OurBigBook.com Jul 18 '18 at 09:01
  • 1
    @CiroSantilli新疆改造中心六四事件法轮功: Huh -- I wonder what the files I linked are used for now? Perhaps the glibc version has something to do with it... anyways, based on your experimental results, the asm-generic file is likely correct. – tonysdg Jul 18 '18 at 15:39