System Calls

In the world of computing, system calls can be thought of as a child asking their parents for help with tasks that are beyond their capabilities or permissions. Just as a child might ask a parent to reach something from a high shelf, bake a cake, or use a tool that's too dangerous for them, an application (like the child) requests the operating system (like the parent) to perform certain tasks that require special privileges or access.

This parent-child analogy highlights the concept of privilege in computing. The operating system (parent) operates with higher privileges, similar to how parents have more authority and capabilities in a household. They can access and modify system resources, manage hardware interactions, and perform critical tasks. Meanwhile, the application (child) operates in a more restricted, less privileged environment. It can perform a variety of tasks independently but must rely on the operating system for anything that requires elevated privileges or access to restricted resources.

In this way, system calls represent a controlled and safe communication channel between applications and the operating system, ensuring that tasks requiring special privileges are handled securely and efficiently, much like how parents ensure the safety and well-being of their children by overseeing activities that are too complex or risky for them to handle alone.

System calls are a key component in the interaction between application software and the operating system. They serve as a bridge for communication between user space (where applications run) and kernel space (where core system functions and resources are managed).

Why Do Application Software Need System Calls?

  1. Resource Management: System calls allow applications to request resources such as memory, CPU time, and I/O devices in a controlled manner.

  2. Security and Stability: By using system calls, applications are restricted from directly accessing hardware or core system features, which helps maintain system integrity and security.

  3. Abstraction and Simplification: They abstract the complexities of hardware interaction, providing a simpler interface for application developers.

How System Calls Enhance Safety by Delegating to the Kernel?

  • Privileged vs Unprivileged Instructions:

    • Privileged Instructions are those that can only be executed by the kernel. They include operations that can affect the core functions of the OS, like managing memory or controlling I/O devices.

    • Unprivileged Instructions can be executed by user applications. They are limited in scope to prevent applications from harming the system or other applications.

  • Delegation to Kernel: When an application needs to perform an operation that requires privileged access (like accessing a hardware device), it makes a system call. The kernel then safely executes this operation on behalf of the application.

Workflow of a System Call

Here's a simplified ASCII art representation of how software makes system calls, and the subsequent steps:

User Mode                             Kernel Mode
----------                           ----------------
|        |                           |              |
|  App   | -- System Call Request -> |  Kernel      |
|        |                           |              |
| (User) | <-- Results & Control --- | (Privileged) |
----------                           ----------------
  1. System Call Request: The application in user mode makes a system call.

  2. CPU Changes Privilege: The CPU switches to a privileged mode to execute the call in the kernel.

  3. OS Checks Input: The OS, in kernel mode, validates and processes the input from the system call.

  4. Execution: The kernel performs the required operations (e.g., accessing hardware, managing resources).

  5. Return to User Mode: Results and control are passed back to the application in user mode.

This mechanism ensures that only safe and controlled interactions occur between the application and the system hardware, maintaining system stability and security.

Let's look at some popular system calls in Linux.

File System

  1. open: Opens a file or device.

  2. close: Closes an open file descriptor.

  3. read: Reads data from an open file.

  4. write: Writes data to an open file.

  5. lseek: Repositions the file offset of an open file descriptor.

  6. stat: Retrieves information about a file.

  7. mkdir: Creates a new directory.

  8. rmdir: Removes a directory.

  9. unlink: Deletes a file.

Process Control

  1. fork: Creates a new process.

  2. exit: Terminates the current process.

  3. wait: Waits for a child process to terminate.

  4. execve: Executes a program.

  5. getpid: Returns the process ID of the calling process.

  6. kill: Sends a signal to a process.

Memory Management

  1. brk: Changes the amount of space allocated for the calling process's data segment.

  2. mmap: Maps files or devices into memory.

  3. munmap: Unmaps a file or device from memory.


  1. socket: Creates a new socket.

  2. bind: Associates a socket with an address.

  3. listen: Listens for connections on a socket.

  4. accept: Accepts a connection on a socket.

  5. connect: Initiates a connection on a socket.

  6. send: Sends data on the socket.

  7. recv: Receives data from a socket.

Inter-Process Communication (IPC)

  1. pipe: Creates a pipe for inter-process communication.

  2. shmget: Allocates a shared memory segment.

  3. shmat: Attaches a shared memory segment.

  4. msgget: Creates a message queue.

  5. msgsnd: Sends a message to a message queue.

  6. msgrcv: Receives a message from a message queue.

User and Group Information

  1. getuid: Returns the user ID of the calling process.

  2. setuid: Sets the user ID of the calling process.

  3. getgid: Returns the group ID of the calling process.

  4. setgid: Sets the group ID of the calling process.


  1. time: Returns the current time.

  2. gettimeofday: Gets the current time and date.

  3. nanosleep: Suspends the execution of the calling process for an interval measured in nanoseconds.


  1. ioctl: Manipulates the underlying device parameters of special files.

  2. syslog: Reads and/or clears the kernel message ring buffer.

  3. getpriority: Gets the scheduling priority.

  4. setpriority: Sets the scheduling priority.

These system calls provide a wide range of functionalities necessary for the efficient operation of Linux systems, from basic file operations to complex inter-process communications and network interactions.