search
    
MacOS and *OS Internals

Appendix I: BSD system calls in XNU

 

#

System Call prototype

Implemented in (bsd/)

Notes

1

void exit(int code);

kern/kern_exit.c

Terminate program, returns code to caller, which may retrieve it by a waitXX call.

2

pid_t fork();

kern/kern_fork.c

Clone existing process image into two. Returns pid_t 0 if child, >0 (child PID) if parent, <0 on error.

3

ssize_t read(int fd,

void *buf,

size_t nbyte);

kern/sys_generic.c

Read nbyte bytes from fd into buf

4

ssize_t write(int fd,

const void *buf,

size_t nbyte);

kern/sys_generic.c

Write nbyte bytes from buf into fd

5

int open(const char *path,

int oflag,

...);

vfs/vfs_syscalls.c

Open file at path for access, according to oflag

6

int close(int fd);

kern/kern_descrip.c

Close file descriptor (file, socket, fifo, etc)

7

int wait4(int pid,

user_addr_t status,

int options,

user_addr_t rusage)

kern/kern_exit.c

Wait for child process pid to exit, collect exit code in status

9

int link(const char *src,

const char *target);

vfs/vfs_syscalls.c

Create a hard link from src to target

10

int unlink

(const char *path);

vfs/vfs_syscalls.c

Remove hard link (directory entry) of inode specified by path,

deleting the file if number of links drops to 0.

12

int chdir(const char *path);

vfs/vfs_syscalls.c

Change working directory to path

13

int fchdir(int fd);

vfs/vfs_syscalls.c

Change working directory to descriptor fd.

14

int mknod(char *path,

int mode, int dev)

vfs/vfs_syscalls.c

Make a device node

15

int chmod(char *path,

int mode)

vfs/vfs_syscalls.c

Change mode bits of file at path to mode mode.

16

int chown(char *path,

int uid,

int gid);

vfs/vfs_syscalls.c

Change ownership of file at path, to be owned by user uid and group gid.

18

int getfsstat(struct statfs *buf,

int bufsize,

int flags);

vfs/vfs_syscalls.c

get list of all mounted file systems into a buffer buf of bufsize bytes supplied by caller. Flags may be MNT_WAIT or MNT_NOWAIT (returning immediately, but with possibly stale data).

20

int getpid(void)

kern/kern_prot.c

Get own process identifier

23

int setuid(uid_t uid);

kern/kern_prot.c

Set user ID to uid. (must be root)

24

int getuid(void);

kern/kern_prot.c

Get real user ID of process

25

int geteuid(void);

kern/kern_prot.c

Get effective user ID of process

26

int ptrace(int req,

pid_t pid,

caddr_t addr,

int data);

kern/mach_process.c

Process tracing facility

27S

int recvmsg(int s,

struct msghdr *msg,

int flags)

kern/uipc_syscalls.c

Receive message from socket

28S

int sendmsg(int s,

caddr_t msg,

int flags)

kern/uipc_syscalls.c

Send message on socket

29S

int recvfrom(int s,

void *buf,

size_t len,

int flags,

struct sockaddr *from,

int *fromlenaddr)

kern/uipc_syscalls.c

Receive data from socket, with address of peer

30S

int accept(int s,

caddr_t name,

socklen_t *anamelen)

kern/uipc_syscalls.c

Accept a connection on listening socket s, returning a new, connected socket descriptor. Sets name to a sockaddr structure of anamelen bytes, of remote peer.

31S

int getpeername(int s,

caddr_t asa,

socklen_t *alen)

kern/uipc_syscalls.c

Get remote address of connected socket. Returns the same sockaddr as would have been returned from accept (#30)

32S

int getsockname(int s,

caddr_t asa,

socklen_t *alen)

kern/uipc_syscalls.c

Get local address of bound, possibly connected socket.

33

int access(user_addr_t path,

int flags);

vfs/vfs_syscalls.c

Check if file at path may be accessed according to flags:

R_OK File may be read

W_OK File may be written

X_OK File may be executed

34

int chflags(char *path,

int flags);

vfs/vfs_syscalls.c

Change flags of file at path, according to flags:

Settable by owner:

UF_NODUMP Do not dump the file.

UF_IMMUTABLE The file may not be changed.

UF_APPEND File may only be appended to.

UF_OPAQUE Make opaque in unionfs

UF_HIDDEN Make file/directory hidden

Settable only by root:

SF_ARCHIVED The file has been archived.

SF_IMMUTABLE File cannot be changed.

SF_APPEND File can only be appended to.

35

int fchflags(int fd, int flags);

vfs/vfs_syscalls.c

As chflags (#34), but on a file descriptor.

36

int sync(void);

vfs/vfs_syscalls.c

Sync all caches to disk

37

int kill(int pid,

int signum,

int posix)

kern/kern_sig.c

Send signal signum to process pid.

 

The posix argument is hidden by libSystem

 

39

int getppid(void);

kern/kern_prot.c

Get parent process identifier of current process

41

int dup(u_int fd);

kern/kern_descrip.c

Return a duplicate descriptor of fd, with a system defined descriptor number

42

int pipe(int filedes[2]);

kern/sys_pipe.c

Create a pipe, returning its ends in filedes[]

(actual system call is int pipe(void))

43

int getegid(void);

kern/kern_prot.c

Get effective group id of current process

44

D

int profil(char *samples,

size_t size,

u_long offset,

u_int scale);

kern/subr_prof.c

Control Process profiling

 

(deprecated in Lion - returns EINVAL)

46

int sigaction (int signum,

struct __sigaction *nsa,

struct sigaction *osa)

kern/kern_sig.c

POSIX signal handling. Also implements simplified signal handling using signal(3)

47

int getgid(void);

kern/kern_prot.c

Get current process group id

48

int sigprocmask(int how, user_addr_t mask, user_addr_t omask);

kern/kern_sig.c

Toggle signal blocking

49

char *getlogin(void);

kern/kern_prot.c

Get login name.

50

int setlogin(const char *name)

kern/kern_prot.c

Set login name to name.

Root only.

51

int acct(char *path);

 

Enable/disable process accounting

52

int sigpending

(struct sigvec *osv);

kern/kern_sig.c

get pending signals

53

int sigaltstack

(struct sigaltstack *nss,

struct sigaltstack *oss)

kern/kern_sig.c

set and/or get signal stack context

54

int ioctl(int filedes,

unsigned long request,

...);

kern/sys_generic.c

Perform I/O control operation request on file descriptor filedes. May optionally specify another void * (or kernel will be passed NULL)

55

int reboot(int howto);

kern/kern_xxx.c

Reboot!

 

Man page on this system call is a copy of BSDM-^Rs, and is inaccurate

56

int revoke(char *path);

vfs/vfs_syscalls.c

Revoke file access. Moves vnode to deadfs.

57

int symlink(char *path,

char *link);

vfs/vfs_syscalls.c

Create a symbolic link (ln -s)

58

ssize_t readlink

(const char *restrict path,

char *restrict buf,

size_t bufsize);

vfs/vfs_syscalls.c

Read value of symbolic link pointed to by path.

59

int execve(const char *path,

char *const argv[],

char *const envp[]);

kern/kern_exec.c

Execute the binary specified in path with the arguments from argv and environment in envp, overwriting the current memory image. This function doesnM-^Rt return if successful.

60

int umask(int newmask);

vfs/vfs_syscalls.c

Set process umask to newmask

61

int chroot(char *dir);

vfs/vfs_syscalls.c

Change process root directory to dir

65

int msync(caddr_t addr,

size_t len,

int flags)

kern/kern_mman.c

Sync any pages from addr to addr+len back to the filesystem, according to flags.

66

int vfork(void);

kern/kern_fork.c

As fork (#2), sans address space copy

73

int munmap(caddr_t addr,

size_t len)

kern/kern_mman.c

Inverse of mmap(#197)

74

int mprotect(caddr_t addr, size_t len, int prot)

kern/kern_mman.c

Protect region starting at addr and spanning len bytes by protection flags from prot.

75

int madvise(caddr_t addr,

size_t len,

int behav);

kern/kern_mman.c

Advise kernel with behav about memory access to region starting at caddr and spanning len bytes. Advice can be one of:

 

MADV_NORMAL M- no advice

MADV_SEQUENTIAL - Sequential access to pages. Can read ahead, discard

MADV_RANDOM - Random access

MADV_WILLNEED - These pages will be needed soon

MADV_DONTNEED - These pages can be lazy allocated, and are not needed soon

MADV_ZERO_WIRED_PAGES - Request clearing of pages if/when freed

MADV_FREE - No more use for these pages

 

78

int mincore(caddr_t addr,

size_t len,

char *vec);

kern/kern_mman.c

Return vector with values corresponding to memory pages from addr to addr+len. The vector has entries corresponding to each pages:

MINCORE_INCORE - resident

MINCORE_REFERENCED - recently read by process

MINCORE_MODIFIED - recently dirtied by process

MINCORE_REFERENCED_OTHER - read by another

MINCORE_MODIFIED_OTHER - dirtied by another

79

int getgroups

(int gidsetsize,

gid_t grouplist[]);

kern/kern_prot.c

Get group list into array of up to gidsetsize entries.

80

int setgroups

(int ngroups,

const gid_t *gidset);

kern/kern_prot.c

Set group membership in the ngroups specified in gidset.

 

Must be root

81

int getpgrp(void);

kern/kern_prot.c

Get process group. (a.k.a getpgid())

82

int setpgid(int pid, int pgid);

kern/kern_prot.c

Set process group of pid to pgid.

83

int setitimer(int which,

const struct itimerval *value,

struct itimerval *ovalue);

kern/kern_time.c

Set Interval timer

85D

int swapon(void);

vm/vm_unix.c

Not supported in OS X. Use macx_swapon instead.

86

int getitimer(int which,

struct itimerval *value);

kern/kern_time.c

Get value of internal timer

89

int getdtablesize(void);

kern/kern_descript.c

Get descriptor table size

90

int dup2(u_int from, u_int to);

kern/kern_descrip.c

As dup(#41) but allows specifying of duplicated descriptor as to. If to is open, it will first be closed (with close(2)), and then reopened as from.

92

int fcntl(int fd,

int cmd,

...);

kern/kern_descrip.c

Perform file control operation on descriptor fd, according to the request in cmd.

93

int select(int nd,

u_int32_t *in,

u_int32_t *out,

u_int32_t *ex,

struct timeval *tv)

kern/sys_generic.c

Multiplex over arrays of nd file descriptors, with a specified timeout tv. Monitor in for readability, out for writability, and ex for exceptions.

95

int fsync(int fd);

 

Flush fd related buffers to disk

96

int setpriority(int which,

id_t who,

int prio);

kern/kern_resource.c

Set scheduling priority of who to prio. The M-^QwhoM-^R is an identifier according to which:

PRIO_PROCESS: A process identifier

PRIO_PGRP: A group identifier

PRIO_USER: A user id

PRIO_DARWIN_THREAD: a Darwin thread

 

This system call implements nice(1) and renice(1)

97S

int socket(int family,

int type,

int protocol)

kern/uipc_syscalls.c

Create a socket of family AF_* (AF_INET, _INET6, _UNIX, ..), and type (SOCK_STREAM, DGRAM, RAW..). Protocol is dependnent on address family, and may be left 0 for the default protocol suited for this family and type.

98S

int connect(int s,

caddr_t name,

socklen_t namelen)

kern/uipc_syscalls.c

Connect socket s to socket specified by name of namelen.

100

int getpriority(int which,

id_t who);

kern/kern_resource.c

Get scheduling priority of who according to which, with the same semantics as setpriority (#96)

 

104S

int bind(int s,

caddr_t name,

socklen_t namelen);

kern/uipc_syscalls.c

Bind socket s to address name or namelen bytes.

105S

int setsockopt(int s,

int level,

int name,

caddr_t val,

socklen_t valsize);

kern/uipc_syscalls.c

Set socket option from namespace level, key name to val of valsize bytes.

106S

int listen(int s,

int backlog);

kern/uipc_syscalls.c

Place stream socket s into listening mode, with a backlog of connections.

111

int sigsuspend

(const sigset_t *sigmask);

kern/kern_sig.c

Reset signal blocking, and wait for signal

116

int gettimeofday

(struct timeval *tp,

struct timezone *tzp)

kern/kern_time.c

Get system clock into tp, with the timezone in tzp.

117

int getrusage (int class,

struct rusage *r);

kern/kern_resource.c

Get resource usage for resource class into r.

118S

int getsockopt(int s,

int level,

int name,

caddr_t val,

socklen_t *valsize);

kern/uipc_syscalls.c

Get socket options (q.v. #105))

120

ssize_t readv(int filedes,

const struct iovec *iov,

int iovcnt);

kern/sys_generic.c

Multi buffered (scatter) read: as read (#3), but with buffers read into the iovcnt vectors in iov.

121

ssize_t writev(int fildes,

const struct iovec *iov,

int iovcnt);

kern/sys_generic.c

Multi buffered (scatter) write. As write (#4), but with iovcnt buffers written from iov.

122

int settimeofday

(struct timeval *tv,

struct timezone *tzp)

kern/kern_time

Set system clock

123

int fchown(int fd,

int uid,

int gid)

vfs/vfs_syscalls.c

As chown(#16), but on open file descriptor fd.

124

Int fchmod(int fd, int mode)

vfs/vfs_syscalls.c

As chmod (#15), but on open file descriptor fd.

126

int setreuid(uid_t ruid,

uid_t euid)

kern/kern_prot.c

Set both real and effective user id of process

127

int setregid(gid_t rgid,

gid_t egid)

kern/kern_prot.c

Get both real and effective user id of process

128

int rename(char *from,

char *to);

vfs/vfs_syscalls.c

Rename a file

131

int flock(int fd,

int how);

kern/kern_descrip.c

Advisory file lock on file path, according to mode:

#define LOCK_SH 1 /* shared lock */

#define LOCK_EX 2 /* exclusive lock */

#define LOCK_NB 4 /* don't block when locking */

#define LOCK_UN 8 /* unlock */

132

int mkfifo(char *path,

int mode);

vfs/vfs_syscalls.c

Create a named pipe at path with permissions from mode

133S

int sendto(int s,

caddr_t buf,

size_t len,

int flags,

caddr_t to,

socklen_t tolen)

kern/uipc_syscalls.c

Send a datagram buf of len bytes to from socket s to remote socket specified by to, an address of tolen bytes

134S

int shutdown(int s, int how);

kern/uipc_syscalls.c

Close socket s according to how - SHUT_RD, SHUT_WR, or both - SHUT_RDWR

135S

int socketpair(int domain, int type, int protocol, int *rsv)

kern/uipc_syscalls.c

Return an unnamed pair of socket of domain/type/protocol in rsv.

136

int mkdir(user_addr_t path, int mode);

vfs/vfs_syscalls.c

Create a directory in path

137

int rmdir(char *path)

vfs/vfs_syscalls.c

Remove directory specified by path

138

int utimes(char *path, struct timeval *tptr);

vfs/vfs_syscalls.c

Set access/modification times of file opened by fd

139

int futimes(int fd, struct timeval *tptr);

vfs/vfs_syscalls.c

Set access/modification times of file opened by fd

140

int adjtime(struct timeval *delta, struct timeval *olddelta);

kern/kern_time.c

Adjust time value by delta

142

int gethostuuid(unsigned char *uuid_buf, const struct timespec *timeoutp);

kern/sys_generic.c

Get a unique identifier for the current machine, into uuid_buf.

147

int setsid(void);

kern/kern_prot.c

Set session ID

151

int getpgid(pid_t pid);

kern/kern_prot.c

Get process group identifier

152M

int setprivexec(int flag);

kern/kern_prot.c

Gets/sets p_debugger field of BSD process structure, controlling access to Mach exception ports

153

user_ssize_t pread(int fd, user_addr_t buf, us

er_size_t nbyte, off_t offset);

kern/sys_generic.c:

 

154

user_ssize_t pwrite(int fd, user_addr_t buf, u

ser_size_t nbyte, off_t offset);

kern/sys_generic.c:

 

155 (nfs)

int nfssvc(int flag, caddr_t argp);

nfs/nfs_syscalls.c

 

157

int statfs(char *path, struct statfs *buf);

vfs/vfs_syscalls

 

158

int fstatfs(int fd, struct statfs *buf);

vfs/vfs_syscalls

 

159

int unmount(user_addr_t path, int flags);

vfs/vfs_syscalls

 

161 (nfs)

int getfh(char *fname, fhandle_t *fhp);

nfs/nfs_syscalls.c

Get File Handle (used extensively by NFS)

165

int quotactl(const char *path, int cmd, int ui

d, caddr_t arg);

vfs/vfs_syscalls.c

manipulate filesystem quotas

167

mount(char *type, char *path, int flags, c

addr_t data);

vfs/vfs_syscalls.c

Mount a file system

169N

csops(pid_t pid, uint32_t ops, user_addr_t

useraddr, user_size_t usersize);

kern/kern_proc.c

Code signing operations

170

ML

csops_audittoken

N/A

New in Mountain Lion: Get audit token

173M

int waitid(idtype_t idtype,

id_t id,

siginfo_t *infop,

int options);

kern/kern_exit.c

Wait for process matching idtype (P_PID, P_PGID or P_ALL) id to change state. Similar in semantics to wait4(#7)

176

D

add_profil(short *bufbase, size_t bufsize, u_long pcoffset, u_int pcscale);

kern/subr_prof.c

Deprecated in Lion. Returns EINVAL

180

int kdebug_trace(int code,

int arg1, int arg2, int arg3,

int arg4, int arg5);

kern/kdebug.c

Generic kernel debug system call. Explained in Chapter 5

 

181

int setgid(gid_t egid);

kern/kern_prot.c

Set real group id of current process

182

int setegid(gid_t egid);

kern/kern_prot.c

Set effective group id of current process

183

int seteuid(uid_t euid);

kern/kern_prot.c

Set effective user id of current process

184

int sigreturn(struct ucontext *uctx, int infostyle)

 

 

185

int chud(uint64_t code, uint64_t arg1, uint64_t arg2, uint64_t arg3, uint64_t arg4, uint64_t arg5)

bsd/dev/chud/chud_bsd_callback.c

OS X and iOS specific, used for CHUD hardware utilities. Unofficial and unsupported by Apple, but used by Shark (precursor to instruments) and still used by Apple profiling tools. Discussed in Chapter 5.

187

int fdatasync(int fd);

 

 

188

int stat(char *path,

struct stat sb);

vfs/vfs_syscalls.c

Obtain file statistics on file specified by path, returning results in sb.

189

int fstat(int fd,

struct stat sb);

kern/kern_descrip.c

As stat (#188), but on a file descriptor fd.

190

int lstat(char *path,

struct stat sb);

vfs/vfs_syscalls.c

As stat (#188), but follows links

191

int pathconf(char *path,

int name);

vfs/vfs_syscalls.c

Get configurable path parameters for path

_PC_LINK_MAX, _PC_PATH_MAX ,..

192

int fpathconf(int fd,

int name);

kern/kern_descrip.c

Get configurable path parameters for fd

194

int getrlimit(u_int which,

struct rlimit *rlp)

kern/kern_resource.c

Get process resource limits (a la ulimit(1))

195

int setrlimit(u_int which,

struct rlimit *rlp)

kern/kern_resource.c

Set process resource limits (a la ulimit(1))

196

int getdirentries(int fd,

char *buf,

u_int count,

long *basep);

vfs/vfs_syscalls.c

 

197

user_addr_t mmap(caddr_t addr, size_t len, int

prot, int flags, int fd, off_t pos)

kern/kern_mman.c

Map a region of memory

199

off_t lseek(int fd,

off_t offset,

int whence);

vfs/vfs_syscalls.c

Move file offset pointer of fd to offset, relative to whence

200

int truncate(char *path,

off_t length);

vfs/vfs_syscalls.c

Truncate file specified by path to length bytes.

201

int ftruncate(int fd,

off_t length);

vfs/vfs_syscalls.c

As truncate(#200), but on a file descriptor - i.e. truncate file opened by fd to length bytes.

202

int __sysctl(int *name,

u_int namelen,

void *old,

size_t *oldlenp,

void *new,

size_t newlen);

kern/ kern_sysctl.c

Sysctl

203

int mlock(caddr_t addr,

size_t len);

kern/kern_mman.c

Lock pages starting at addr and spanning len bytes. Calls vm_map_wire internally

204

int munlock(caddr_t addr,

size_t len);

kern/kern_mman.c

Unlock pages starting at addr and spanning len bytes. Calls vm_map_unwire internally

205

int undelete(char *path);

vfs/vfs_syscalls.c

Undelete file specified by path (works only for unionfs)

206-213

Various AppleTalk support calls

netat/sys_dep.c

Only used if AppleTalk support is defined

(which it isnM-^Rt by default on either OS X or iOS)

216i

open_dprotected_np

Ask Apple..

iOS specific: Non posix extension to open

216D

int mkcomplex

(const char *path,

mode_t mode,

u_long type);

 

Formely open_dprotected_np (in SL)

217D

int statv(const char *path, struct vstat *vsb);

vfs/vfs_syscalls.c

Supposed to return a volume and vnode stat buffer for path. Currently unimplemented (returns ENOTSUP)

218D

int lstatv(const char *path, struct vstat *vsb);

vfs/vfs_syscalls.c

Supposed to return a volume and vnode stat buffer for path, following links. Currently unimplemented (returns ENOTSUP)

219

int fstatv(int fd,

struct vstat *vsb);

vfs/vfs_syscalls.c

Supposed to return a volume and vnode stat buffer for an open file descriptor fd. Currently unimplemented (returns ENOTSUP)

220

int getattrlist(const char *path, struct attrl

ist *alist, void *attributeBuffer, size_t bufferSize, u_long options)

vfs/vfs_attrlist.c

Get file system attributes of file or filesystem at path, into attributeBuffer of BufferSize bytes, according to the attribute filter specified in alist, and options.

221

int setattrlist

(const char *path,

struct attrlist *alist,

void *attributeBuffer,

size_t bufferSize,

u_long options)

vfs/vfs_attrlist.c

Set file system attributes of file or filesystem at path, read from attributeBuffer of BufferSize bytes, according to the attribute filter specified in alist, and options.

222

int getdirentriesattr(int fd, struct attrlist *alist,

void *buffer,

size_t buffersize,

u_long *count,

u_long *basep,

u_long *newstate,

u_long options);

vfs/vfs_syscalls.c

get file system attributes for multiple directory entries in directory opened by fd. Iterates through dentries in that directory, and calls getattrlist on each (as #221), with all other arguments following the same semantics. If directory has been modified during iterations, an indication is returned in newState.

223

int exchangedata(const char *path1, const char *path2, u_long options);

vfs/vfs_syscalls.c

atomically exchange data between two files (path1 and path2), so that processes using files will either see pre or post-exchange data. Only option defined is FSOPT_NOFOLLOW, to not follow symbolic links.

225

int searchfs(const char *path, struct fssearchblock *sblock,

uint32_t *nummatches,

uint32_t scriptcode,

uint32_t options,

struct searchstate *state);

vfs/vfs_syscalls.c

Search a volume quickly for matches for searchblock. ScriptCode is a hardcoded magic (0x08000103)

226

int delete(user_addr_t path);

vfs/vfs_syscalls.c

Delete a name from the filesystem using Carbon semantics

(same as unlink (#10), but does not delete if file is busy)

227

int copyfile(char *from, char *to, int mode, int flags)

vfs/vfs_syscalls.c

Copy file data or metadata

228

int fgetattrlist(int fd, struct attrlist *alist, void *attributeBuffer, size_t bufferSize, u_long options);

vfs/vfs_attrlist.c

As getattrlist(#220), but on an open file

229

int fsetattrlist(int fd, struct attrlist *alist, void *attributeBuffer, size_t bufferSize, u_long options);

vfs/vfs_attrlist.c

As setattrlist(#221), but on an open file

230

int poll(struct pollfd *fds, u_int nfds, int timeout);

bsd/kern/sys_generic.c

q.v. select

231H

int watchevent(struct eventreq *u_req, int u_eventmask);

kern/sys_generic.c

Defined in sys/ev.h

232H

int waitevent(struct eventreq *u_req, struct timeval *tv);

kern/sys_generic.c

 

233H

int modwatch(struct eventreq *u_req, int u_eventmask);

kern/sys_generic.c

 

234

user_ssize_t getxattr(user_addr_t path, user_a

ddr_t attrname, user_addr_t value, size_t size, uint32_t position, int options);

vfs/vfs_syscalls.c

Get extended attributes of file specified by path

235

user_ssize_t fgetxattr(int fd, user_addr_t att

rname, user_addr_t value, size_t size, uint32_t position, int options);

vfs/vfs_syscalls.c

Get extended attributes of file opened by fd.

236

int setxattr(user_addr_t path, user_addr_t att

rname, user_addr_t value, size_t size, uint32_t position, int options);

vfs/vfs_syscalls.c

Set extended attributes of file specified by path

237

int fsetxattr(int fd, user_addr_t attrname, us

er_addr_t value, size_t size, uint32_t position, int options);

vfs/vfs_syscalls.c

Set extended attributes of file opened by fd.

238

int removexattr(user_addr_t path, user_addr_t

attrname, int options);

vfs/vfs_syscalls.c

Remove extended attributes from file specified by path.

239

int fremovexattr(int fd, user_addr_t a

ttrname, int options);

vfs/vfs_syscalls.c

Remove extended attributes from file opened by descriptor fd.

240

user_ssize_t listxattr(user_addr_t path, user_addr_t namebuf,

size_t bufsize,

int options);

vfs/vfs_syscalls.c

List extended attributes of file at path.

241

user_ssize_t flistxattr

(int fd, char *namebuf, size_t size, int options);

vfs/vfs_syscalls.c

As listxattr(#240), but list extended attributes of file opened by descriptor fd.

242

int fsctl(const char *path, u_long cmd,

caddr_t data,

u_int options);

vfs/vfs_syscalls.c

Ioctl(2) like interface for file system operations. Takes a path, and operates cmd on the file system containing the path, with data as an argument, and options

243

int initgroups

(u_int gidsetsize,

gid_t *gidset,

int gmuid)

kern/kern_prot.c

initialize group access list

244

int posix_spawn(pid_t *pid, const char *path,

const struct _posix_spawn_args_desc *adesc, char **argv,

char **envp)

kern/kern_exec.c

fork(2)/exec(2) replacement, with more features and control over spawned process. Process specified by executable at path as PID pid, with arguments and environment as specified by argv, envp, respectively. The adesc is a file_actions struct, specifying open/close and dup2 operations on file descriptors the spawned process will inherit.

245

int ffsctl(int fd,

u_long cmd,

caddr_t data,

u_int options);

vfs/vfs_syscalls.c

As fsctl, but on an open file descriptor (#242)

247

(nfs)

int nfsclnt(int flag,

caddr_t argp);

nfs/nfs_syscalls.c

Used by NFS client daemons to pass information to and from the kernel

248

(nfs)

int fhopen

(const struct fhandle *u_fhp, int flags);

nfs/nfs_syscalls.c

Open a file by its handle

250

int minherit(void *addr, size_t len, int inherit);

kern/kern_mman.c

Control inheritance of region from addr to addr+len:

VM_INHERIT_NONE, _COPY, or _SHARE.

251V

int semsys(u_int which,

int a2, int a3, int a4,

int a5);

kern/sysv_sem.c

Common entry point to all other sem* operations, using which as an index to the operation dispatch table (deprecated)

252V

int msgsys(u_int which, int a2, int a3, int a4, int a5);

kern/sysv_msg.c

Common entry point to all other msg* operations, using a which as an index to the operation dispatch table (deprecated)

253V

int shmsys(u_int which, int a2, int a3, int a4

); }

kern/sysv_sem.c

Common entry point to all other shm* operations, using which as an index to the operation dispatch table (deprecated)

254

int semctl(int semid, int semnum, int cmd, sem

un_t arg)

kern/sysv_sem.c

Perform cmd on semaphore set semid, consisting of semnum semaphores

255

int semget(key_t key, int nsems, int semfl

g);

kern/sysv_sem.c

Return int semid retrieved by key . Alternatively, create a new semaphore set of nsems semaphores

256V

int semop(int semid, struct sembuf *sops, int

nsops);

kern/sysv_sem.c

Perform semaphore operations specified in buffer sops (containing nsops entries) on semaphore set semid

258V

int msgctl(int msqid,

int cmd,

struct msqid_ds *buf);

kern/sysv_msg.c

Ioctl(2) like interface to SYS V message queues. The cmd may be IPC_RMID, IPC_STAT, IPC_SET

259V

int msgget(key_t key,

int msgflg);

kern/sysv_msg.c

Get a System V message queue

260V

int msgsnd(int msqid,

void *msgp, size_t msgsz

, int msgflg);

kern/sysv_msg.c

Send a System V message

261V

user_ssize_t msgrcv(int msqid, void *msgp, size_t msgsz, long msgtyp, int msgflg);

kern/sysv_msg.c

Receive a System V message

262V

user_addr_t shmat(int shmid, void *shmaddr, in

t shmflg);

kern/sysv_shm.c

Attach to shared memory shmid obtained by shmget(), with shmflg

263V

int shmctl(int shmid, int cmd, struct shmid_ds

*buf)

kern/sysv_shm.c

Control operations on shared memory

264V

int shmdt(void *shmaddr);

kern/sysv_shm.c

Detach from a shared memory region

265V

int shmget(key_t key, size_t size, int shmflg)

kern/sysv_shm.c

Gets handle to shared memory by key.

266

int shm_open(const char *name, int oflag, ...);

kern/posix_shm.c

Open a shared memory object

267

int shm_unlink

(const char *name);

kern/posix_shm.c

Remove a shared memory object

268

sem_t *sem_open

(const char *name, int oflag, ...);

kern/posix_sem.c

Open or create a semaphore by name, according to oflag, and return semaphore reference. The oflag value may be O_CREAT and/or O_EXCL, with the same semantics as open(2).

269

int sem_close(sem_t *sem);

kern/posix_sem.c

Close a semaphore sem

270

int sem_unlink(const char *name);

kern/posix_sem.c

Remove a semaphore identified by name

271

int sem_wait(sem_t *sem);

kern/posix_sem.c

Wait for semaphore sem, indefinitely

272

int sem_trywait(sem_t *sem);

kern/posix_sem.c

Try to wait for semaphore sem, but return immediately

273

int sem_post(sem_t *sem);

kern/posix_sem.c

Post (unlock) a semaphore sem

274H

int sem_getvalue

(sem_t *sem, int *sval);

kern/posix_sem.c

Not implemented in Lion (returns ENOSYS)

275

int sem_init(sem_t *sem, int phsared, u_int va

lue);

kern/posix_sem.c

Not implemented in Lion (returns ENOSYS)

276

int sem_destroy(sem_t *sem);

kern/posix_sem.c

Not implemented in Lion (returns ENOSYS)

277

int open_extended(user_addr_t path, int flags, uid_t uid, gid_t gid, int mode, user_addr_t xsecurity)

vfs/vfs_syscalls.c

As open (#5), but with additional uid, gid, and xsecurity.

(i.e. this creates a file as a different user and with ACLs)

278N

int umask_extended

(int newmask,

user_addr_t xsecurity)

fs/vfs_syscalls.c

As umask, but also sets additional xsecurity ACL

279N

int stat_extended

(user_addr_t path, us

er_addr_t ub, user_addr_t xsecurity, user_addr_t xsecurity_size);

vfs/vfs_syscalls.c

As stat, but also retrieves xsecurity ACL of xsecurity_size bytes

280

int lstat_extended

(user_addr_t path,

user_addr_t ub,

user_addr_t

xsecurity,

user_addr_t xsecurity_size)

vfs/vfs_syscalls.c

As lstat, but also retrieves xsecurity ACL of xsecurity_size bytes

281N

int fstat_extended(int fd, user_addr_t

ub, user_addr_t xsecurity, user_addr_t xsecurity_size)

vfs/vfs_syscalls.c

As fstat, but with additional xsecurity ACL of xsecurity_size bytes

282N

int chmod_extended

(user_addr_t path,

uid_t uid,

gid_t gid,

int mode,

user_addr_t xsecurity)

vfs/vfs_syscalls.c

As chmod, but with additional xsecurity ACL of xsecurity_size bytes

283N

int fchmod_extended(int fd,

uid_t uid,

gid_t gid,

int mode,

user_addr_t xsecurity)

vfs/vfs_syscalls.c

 

284

N

int access_extended

(user_addr_t entries,

size_t size,

user_addr_t results,

uid_t uid)

vfs/vfs_syscalls.c

Check access permissions in bulk. As access (#33), but extended to work over multiple entries, and specify different UID

285

N

int settid(uid_t uid,

gid_t gid)

kern/kern_prot.c

Set UID and GID for current thread

286

N

int gettid(uid_t *uidp,

gid_t *gidp)

kern/kern_prot.c

Get UID and GID of current thread

287

ni

int setsgroups_np

(int setlen,

user_addr_t guidset)

kern/kern_prot.c

Set per-thread additional groups

288

ni

int getsgroups_np(user_addr_t setlen, user_addr_t guidset)

kern/kern_prot.c

Get per-thread additional groups.

Returns (ENOTSUP)

289

ni

int setwgroups(int setlen, const uuid_t guidset);

kern/kern_prot.c

Set per-thread whiteout group list.

Returns (ENOTSUP)

290

ni

int getwgroups (int *setlen, uuid_t guidset);

kern/kern_prot.c

Get per-thread whiteout group list

(Returns ENOTSUP)

291

N

int mkfifo_extended

(user_addr_t path,

uid_t uid,

gid_t gid,

int mode,

user_addr_t xsecurity)

vfs/vfs_syscalls.c

As mkfifo(#132), but with owner (uid), group (gid), and ACL (security)

292

N

int mkdir_extended

(user_addr_t path,

uid_t uid,

gid_t gid,

int mode,

user_addr_t xsecurity)

vfs/vfs_syscalls.c

As mkdir(#136), but with owner (uid), group (gid), and ACL (security)

293O

int identitysvc(int opcode,

user_addr_t message)

kern/kern_credential.c

Reserved for identity resolvers. Opcode can be:

- KAUTH_EXTLOOKUP_REGISTER: to register a new resolver process

- KAUTH_EXTLOOKUP_DEREGISTER: to deregister the exsting resolver process

 

 

294

int shared_region_check_np

(uint64_t *start_address

bsd/vm/vm_unix.c

Used excusively by dyld(1).

296

int vm_pressure_monitor

(int wait_for_pressure,

int nsecs_monitored,

uint32_t *pages_reclaimed);

vm/vm_unix.c

Falls through to the mach_vm_pressure_monitor_trap.

297

uint32_t psynch_rw_longrdlock(user_addr_t rwlock, uint32_t lgenval, uint32_t ugenval, uint32_t rw_wc, int flags)

kern/pthread_support.c

In previous versions of OS X, this slot used to be occupied by reset_shared_file

298

uint32_t psynch_rw_yieldwrlock(user_addr_t rwlock, uint32_t lgenval, uint32_t ugenval, uint32_t rw_wc, int flags);

kern/pthread_support.c

In previous versions of OS X, this slot used to be occupied by new_system_shared_file

299

int psynch_rw_downgrade(user_addr_t rwlock, uint32_t lgenval, uint32_t ugenval, uint32_t rw_wc, int flags);

kern/pthread_support.c

In previous versions of OS X, this slot used to be occupied by shared_region_map_file_np (introduced in Tiger)

300

uint32_t psynch_rw_upgrade(user_addr_t rwlock, uint32_t lgenval, uint32_t ugenval, uint32_t rw_wc, int flags);

kern/pthread_support.c

In previous versions of OS X, this slot used to be occupied by shared_region_make_private_np (introduced in Tiger)

301M

uint32_t psynch_mutexwait(user_addr_t mutex, uint32_t mgen, uint32_t ugen, uint64_t tid, uint32_t flags);

kern/pthread_support.c

 

302

uint32_t psynch_mutexdrop(user_addr_t mutex, uint32_t mgen, uint32_t ugen, uint64_t tid, uint32_t flags);

kern/pthread_support.c

 

303

uint32_t psynch_cvbroad(user_addr_t cv, uint64_t cvlsgen, uint64_t cvudgen, uint32_t flags, user_addr_t mutex, uint64_t mugen, uint64_t tid);

kern/pthread_support.c

 

304

uint32_t psynch_cvsignal(user_addr_t cv, uint64_t cvlsgen, uint32_t cvugen, int thread_port, user_addr_t mutex, uint64_t mugen, uint64_t tid, uint32_t flags);

kern/pthread_support.c

 

305

uint32_t psynch_cvwait(user_addr_t cv, uint64_t cvlsgen, uint32_t cvugen, user_addr_t mutex, uint64_t mugen, uint32_t flags, int64_t sec, uint32_t nsec);

kern/pthread_support.c

 

306

uint32_t psynch_rw_rdlock(user_addr_t rwlock, uint32_t lgenval, uint32_t ugenval, uint32_t rw_wc, int flags);

kern/pthread_support.c

 

307

uint32_t psynch_rw_wrlock(user_addr_t rwlock, uint32_t lgenval, uint32_t ugenval, uint32_t rw_wc, int flags);

kern/pthread_support.c

 

308

uint32_t psynch_rw_unlock(user_addr_t rwlock, uint32_t lgenval, uint32_t ugenval, uint32_t rw_wc, int flags);

kern/pthread_support.c

 

309

uint32_t psynch_rw_unlock2(user_addr_t rwlock, uint32_t lgenval, uint32_t ugenval, uint32_t rw_wc, int flags);

 

 

310

int getsid(pid_t pid);

kern/kern_prot.c

Get session ID of process ID pid. If pid is 0, current process.

311N

int settid_with_pid(pid_t pid, int assume)

kern/kern_prot.c

Like settid(#285), but setuid of thread to pid:

if (assume)

setuid of thread, to match uid of process pid

else

revert to self uid

312L

psynch_cvclrprepost(user_addr_t cv, uint32_t cvgen, uint32_t cvugen, uint32_t cvsgen, uint32_t prepocnt, uint32_t preposeq, uint32_t flags);

kern/pthread_support.c

Clear a pending prepost, if any.

 

 

 

 

New in Lion, Overrides the old pthread_cond_timewait

313

M

int aio_fsync(int op, user_addr_t aiocbp);

kern/kern_aio.c

<sys/aio.h>

Sync (op=O_SYNC) all asynchronous IO operations on aiocbp->aio_filedes.

314

ssize_t aio_return

(struct aiocb *aiocbp);

kern/kern_aio.c

<sys/aio.h>

Return status code of Asynchronous IO request specified by aiocbp.

315

int aio_suspend(user_addr_t aiocblist, int nent, user_addr_t timeoutp);

kern/kern_aio.c

<sys/aio.h>

Suspend caller thread until at least one of the nent asynchronous

IO operations specified in aiocblist has completed, or timeoutp has elapsed.

316

int aio_cancel(int fd, struct aiocb *aiocbp);

kern/kern_aio.c

<sys/aio.h>

Cancel asynchronous IO request on fd specified by aiocbp, or all asynchronous requests (if NULL).

317

int aio_error

(const struct aiocb * aiocbp);

kern/kern_aio.c

<sys/aio.h>

Return error status of request specified in aiocbp

318

int aio_read

(struct aiocb * aiocbp);

kern/kern_aio.c

<sys/aio.h>

Asynchronous version of read: read aiocbp->aio_nbytes from offset aiocbp->aio_offset of aiocbp-->aio_filedes into aiocbp->aio_buf, but return immediately.

319

int aio_write(user_addr_t aiocbp);

kern/kern_aio.c

<sys/aio.h>

As aio_read, but writing request. Returns immediately.

320

M

lio_listio(int mode,

struct aiocb *const aiocblist[],

int nent,

struct sigevent *sigp);

kern/kern_aio.c

<sys/aio.h>

Send synchronously (mode=LIO_WAIT) or asynchronously (mode=LIO_NOWAIT) all nent operations specified in array aiocblist. Optionally notify of completion, if asynchronous, by sigp.

322

int iopolicysys(int cmd, void *arg)

kern/kern_resource.c

Accessible from user mode as getiopolicy_np(int,int) and setiopolicy_np(int,int,int) from <sys/resource.h>

323N

L

int process_policy(int scope, int action, int policy, int policy_subtype, user_addr_t attrp, pid_t target_pid, uint64_t target_threadid)

kern/process_policy.c

OS X and iOS specific, controlling process and thread policy.

 

Scope may be: PROC_POLICY_SCOPE_PROCESS or _THREAD

Policy may be _BACKGROUND, _HARDWARE_ACCESS

, _RESOURCE_STARVATION, _RESOURCE_USAGE, or _APPTYPE:

Actions and policy subtypes are policy dependent.

324

I

int mlockall(int how);

kern/kern_mman.c

Evil, egotistic call to mlock() all process pages.

Not supported (Returns ENOSYS)

325

I

int munlockall(int how);

kern/kern_mman.c

A call to repent and munlock() all process pages.

Not supported (Returns ENOSYS).

327

int issetugid(void);

bsd/kern/kern_prot.c

Returns non zero if current thread is under setuid or setgid

328

int __pthread_kill

(int thread_port,

int sig);

bsd/kern/kern_sig.c

Send signal sig directly to thread_port (rather than process). Implementation gets bsd thread from thread port, then calls psignal_uthread on it.

329

int __pthread_sigmask(int how, user_addr_t set, user_addr_t oset);

bsd/kern/kern_sig.c

Set thread signal mask

330

int __sigwait(sigset_t *set,

user_addr_t sig);

 

Pause process until requested signal is delivered

331

int __disable_threadsignal

(int value);

bsd/kern/kern_sig.c

Disable signal delivery to current thread. Value is ignored

332N

int __pthread_markcancel

(int thread_port);

bsd/kern/kern_sig.c

Mark thread for cancellation. Calls thread_abort_safely.

333

N

int __pthread_canceled(int action);

bsd/kern/kern_sig.c

According to action:

0: Return cancellation state of current thread and cancel if marked

1: Enable the cancel handling

2: Disable the cancel handling

334

int __semwait_signal(int cond_sem, int mutex_sem, int timeout, int relative, int64_t tv_sec, int32_t tv_nsec);

bsd/kern/kern_sig.c

 

336N

int proc_info(int32_t callnum,int32_t pid,uint32_t flavor, uint64_t arg,user_addr_t buffer,int32_t buffersize)

kern/proc_info.c

callnum is

1: listpids: PID can be PROC_PGRP_ONLY (flavor is requested pgrp),PROC_PPID_ONLY, PROC_ALL_PIDS, PROC_TTY_ONLY, PROC_UID_ONLY, or PROC_RUID_ONLY

2: pidinfo: PID is pid to list. Flavor can be PROC_PIDLISTFDS, PIDTBSDINFO, PROC_PIDTASKINFO, PROC_PIDTASKALLINFO..

3: pidfdinfo (return file descriptor information)

4: kernmsgbuf (used by dmesg(1) command)

5: setcontrol (various process control calls, e.g. set thread name)

6: pidfileportinfo (return file port information)

 

flavor changes according to callnum

<sys/proc_info.h> holds the process information.

 

Discussed in Chapters 5 and 14.

337

int sendfile(int fd, int s, off_t offset, off_t *nbytes, struct sf_hdtr *hdtr, int flags);

 

#if SENDFILE

Enables sending an open file, or part thereof (as specified in offset and nbytes), through a socket. Optionally also specify a header or trailer in hdtr.

338-340

stat64/fstat64/lstat64

vfs/vfs_syscalls.c

64-bit versions of [/f/l]stat ()

341-343N

[stat/fstat/lstat]64_extended

bsd/vfs/vfs_syscalls.c

As [/l/f]stat64, with additional ACL (security) of security_size bytes

344N

user_ssize_t getdirentries64

(int fd, void *buf, user_size_t bufsize, off_t *position)

vfs/vfs_syscalls.c

64-bit version of getdirentries

345-346

[statfs/fstatfs]64

vfs/vfs_syscalls.c

64-bit versions of statfs and fstatfs, respectively

347

int getfsstat64(char *buf,

int bufsize,

int flags);

vfs/vfs_syscalls.c

64-bit version of getfsstat

348N

int __pthread_chdir

(user_addr_t path);

vfs/vfs_syscalls.c

As chdir (on path), but for current thread, not entire process.

349N

int __pthread_fchdir(int fd);

vfs/vfs_syscalls.c

As fchdir (chdir on fd), but for current thread, not entire process.

350

A

int audit(void *record,

int length);

security/audit/audit_syscalls.c

Send a Basic Security Module audit record of length bytes to audit log

351

A

int auditon(int cmd,

void *data,

int length);

security/audit/audit_syscalls.c

Configure system audit parameters

353

A

int getauid(au_id_t *auid);

security/audit/audit_syscalls.c

Get audit session ID

354

A

int setauid(au_id_t *auid);

security/audit/audit_syscalls.c

Set audit session ID

355

A

int getaudit

(struct auditinfo *auditinfo);

security/audit/audit_syscalls.c

Deprectated in Lion, removed in ML

356

A

int setaudit

(struct auditinfo *auditinfo);

security/audit/audit_syscalls.c

Deprecated in Lion, removed in ML

357

A

int getaudit_addr

(struct auditinfo_addr *ai_ad,

int length);

security/audit/audit_syscalls.c

 

358

A

int setaudit_addr

(struct auditinfo_addr *ai_ad,

int length);

security/audit/audit_syscalls.c

Set audit session state

359

A

int auditctl(char *path);

security/audit/audit_syscalls.c

Open new audit trail file, specified by path

360

WN

user_addr_t bsdthread_create(user_addr_t func, user_addr_t func_arg, user_addr_t stack, user_addr_t pthread, uint32_t flags)

kern/pthread_synch.c

Create a new BSD thread

361

WN

int bsdthread_terminate(user_addr_t stackaddr, size_t freesize, uint32_t port, uint32_t sem)

kern/pthread_synch.c

Terminate a BSD thread.

362

int kqueue(void);

kern/kern_event.c

Return a file descriptor to a new kernel event queue.

 

Discussed in Chapter 3

363

int kevent(int fd,

const struct kevent *chglist,

int nchanges, struct kevent *eventlist, int nevents, const struct timespec *timeout);

kern/kern_event.c

Register event with queue specified by fd. Return events to user.

 

Discussed in Chapter 3

364

int lchown(char *path,

uid_t owner,

gid_t group)

vfs/vfs_syscalls.c

As chown (#..), but does not follow symbolic links

365

N

int stack_snapshot(pid_t pid, user_addr_t tracebuf,

uint32_t tracebuf_size, uint32_t flags,

uint32_t dispatch_offset)

kern/kdebug.c

Obtain stack snapshot of process pid (-1 = all processes) into a buffer tracebuf of tracebuf_size bytes.

 

Detailed in Chapter 5.

366

W

int bsdthread_register

(user_addr_t threadstart, user_addr_t wqthread,

int pthsize,

user_addr_t dummy_value, user_addr_t targetconc_ptr, uint64_t dispatchqueue_offset)

kern/pthread_synch.c

Register thread start functions

367NW

int workq_open(void) ;

kern/pthread_synch.c

Creates a work queue. Work Queues are the foundation of Grand Central Dispatcher. Discussed in Chapter 14

368NW

int workq_kernreturn

(int options,

user_addr_t item,

int affinity,

int prio);

kern/pthread_synch.c

Miscellaneous operations on workqueues.

 

Discussed in chapter 14

369

int kevent64(int fd, const struct kevent64_s *changelist, int nchanges, struct kevent64_s *eventlist, int nevents, unsigned int flags, const struct timespec *timeout);

kern/kern_event.c

64-bit version of kevent(#363)

370

int __old_semwait_signal(int cond_sem, int mutex_sem, int timeout, int relative, const struct timespec *ts);

kern/kern_sig.c

#if OLD_SEMWAIT_SIGNAL

371

int __old_semwait_signal_nocancel(int cond_sem, int mutex_sem, int timeout, int relative, const struct timespec *ts)

kern/kern_sig.c

#if OLD_SEMWAIT_SIGNAL

372N

uint64_t thread_selfid (void)

kern/ pthread_synch.c

Returns TID of current thread.

373

i, ML

ledger

N/A

Introduced in iOS 4, Mountain Lion

380

int __mac_execve(char *fname, char **argp, char **envp, struct mac *mac_p);

kern/kern_exec.c

Execute a program specified by fname with arguments and environment (argp, envp) according to policy mac_p.

 

Used by sandbox. Discussed in Chapters 3 and 14

381

int __mac_syscall

(char *policy,

int call,

user_addr_t arg);

../security/mac_base.c

MAC policy system call

382

int __mac_get_file

(char *path_p,

struct mac *mac_p);

../security/mac_base.c

Get MAC label of a given pathname path_p

383

int __mac_set_file

(char *path_p,

struct mac *mac_p);

../security/mac_base.c

Set MAC label of a given pathname path_p.

384

int __mac_get_link(char *path_p, struct mac *mac_p);

../security/mac_base.c

Get MAC label of a file, following links

385

int __mac_set_link(char *path_p, struct mac *mac_p);

../security/mac_base.c

Set MAC label of a file, following links

386

int __mac_get_proc

(struct mac *mac_p);

../security/mac_base.c

Get MAC label of current process

387

int __mac_set_proc

(struct mac *mac_p);

../security/mac_base.c

Set label of current process

388

int __mac_get_fd(int fd,

struct mac *mac_p);

../security/mac_base.c

Get label of a given id

389

int __mac_set_fd(int fd, struct mac *mac_p);

../security/mac_base.c

Set label of a given fd

390

int __mac_get_pid(pid_t pid, struct mac *mac_p);

../security/mac_base.c

Get label of a given pid

391

int __mac_get_lcid(pid_t lcid, struct mac *mac_p);

../security/mac_base.c

MAC enabled set login context id

392

int __mac_get_lctx

(struct mac *mac_p);

../ security/mac_base.

MAC enabled get login context

393

int __mac_set_lctx

(struct mac *mac_p);

../security/mac_base.c

Mac enabled set login context

394

int setlcid(pid_t pid,

pid_t lcid)

kern/kern_prot.c

set login context

395

int getlcid(pid_t pid)

kern/kern_prot.c

Get login context

396

user_ssize_t read_nocancel

(int fd,

user_addr_t cbuf,

user_size_t nbyte)

kern/sys_generic.c

Non-cancelable version (and body) of read(#3)

397

user_ssize_t write_nocancel

(int fd,

user_addr_t cbuf,

user_size_t nbyte)

kern/sys_generic.c

Non-cancelable version (and body) of write (#4)

398

int open_nocancel(user_addr_t path, int flags, int mode)

vfs/vfs_syscalls.c

Non-cancelable version (and body) of open(#5)

399

int close_nocancel(int fd)

kern/kern_descrip.c

Non-cancelable version (and body) of close (#6)

400

int wait4_nocancel(int pid, user_addr_t status, int options, user_addr_t rusage)

kern/kern_exit.c

Non-cancelable version (and body) of wait4 (#7)

401

S

int recvmsg_nocancel(int s, struct msghdr *msg, int flags)

kern/uipc_syscalls.c

Non-cancelable version (and body) of recvmsg (#27)

402S

int sendmsg_nocancel(int s, caddr_t msg, int flags)

kern/uipc_syscalls.c

Non-cancelable version (and body) of sendmsg (#28)

403S

int recvfrom_nocancel(int s, void *buf, size_t len, int flags, struct sockaddr *from, int *fromlenaddr)

kern/uipc_syscalls.c

Non-cancelable version (and body) of recvfrom (#29)

404S

int accept_nocancel(int s, caddr_t name, socklen_t *anamelen)

kern/uipc_syscalls.c

Non-cancelable version (and body) of accept (#30)

405

int msync_nocancel(caddr_t addr, size_t len, int flags)

kern/kern_mman.c

Non-cancelable version(and body) of msync (#65)

406

int fcntl_nocancel(int fd, int cmd, long arg)

kern/kern_descrip.c

Non-cancelable version (and body of) fcntl (#92)

407

int select_nocancel(int nd, u_int32_t *in, u_int32_t *ou, u_int32_t *ex, struct timeval *tv) ;

kern/sys_generic.c

Non-cancelable version (and body of) select (#93)

408

int fsync_nocancel(int fd)

vfs/vfs_syscalls.c

Non-cancelable version (and body of ) fsync (#95)

409S

int connect_nocancel(int s, caddr_t name, socklen_t namelen)

kern/uipc_syscalls.c

Non-cancelable version (and body of) of connect (#98)

410

int sigsuspend_nocancel(sigset_t mask)

kern/kern_sig.c

Non-cancelable version (and body of) sigsuspend (#111)

411

user_ssize_t readv_nocancel(int fd, struct iovec *iovp, u_int iovcnt)

kern/sys_generic.c

Non-cancelable version (and body of) of readv (#120)

412

user_ssize_t writev_nocancel(int fd, struct iovec *iovp, u_int iovcnt)

kern/sys_generic.c

Non-cancelable version (and body of) of writev (#121)

413S

int sendto_nocancel(int s, caddr_t buf, size_t len, int flags, caddr_t to, socklen_t tolen)

kern/uipc_syscalls.c

Non-cancelable version (and body of) of sendto (#98)

414

user_ssize_t pread_nocancel(int fd, user_addr_t buf, user_size_t nbyte, off_t offset)

kern/kern_exit.c

Non-cancelable version of pread (#153)

415

user_ssize_t pwrite_nocancel(int fd, user_addr_t buf, user_size_t nbyte, off_t offset)

kern/sys_generic.c

Non-cancelable version (and body of) pwrite (#154)

416

int waitid_nocancel(idtype_t idtype, id_t id, siginfo_t *infop, int options)

kern/kern_exit.c

Non-cancelable version (and body of) waitid (#173)

417

int poll_nocancel(struct pollfd *fds, u_int nfds, int timeout)

kern/sys_generic.c

Non-cancelable version (and body of) poll (#230)

418V

int msgsnd_nocancel(int msqid, void *msgp, size_t msgsz, int msgflg)

kern/sysv_msg.c

Non-cancelable version (and body of) msgsnd (#260)

419V

user_ssize_t msgrcv_nocancel

(int msqid,

void *msgp,

size_t msgsz,

long msgtyp,

int msgflg);

kern/sysv_msg.c

Non-cancelable version (and body of) msgrcv (#261)

420

int sem_wait_nocancel(sem_t *sem)

kern/posix_sem.c

Non-cancelable version (and body of) sem_wait (#271)

421

int aio_suspend_nocancel

(user_addr_t aiocblist,

int nent,

user_addr_t timeoutp)

kern/kern_aio.c

Non-cancelable version of aio_suspend (#315)

422

int __sigwait_nocancel(user_addr_t set, user_addr_t sig)

kern/kern_sig.c

Non-cancelable version of sigwait (#330)

423

int __semwait_signal_nocancel(int cond_sem, int mutex_sem, int timeout, int relative, int64_t tv_sec, int32_t tv_nsec);

kern/kern_sig.c

Available in even if OLD_SEMWAIT_SIGNAL is not defined

424

int __mac_mount

(char *type,

char *path,

int flags,

caddr_t data,

struct mac *mac_p);

vfs/vfs_syscalls.c

MAC enabled version (and body of) of mount(2)

425

int __mac_get_mount

(char *path,

struct mac *mac_p);

../security/mac_base.c

Get mount point label information for a given pathname

426

int __mac_getfsstat

(user_addr_t buf,

int bufsize,

user_addr_t mac,

int macsize,

int flags);

vfs/vfs_syscalls.c

Get MAC-related file system statistics (also body of getfsstat)

427N

user_ssize_t fsgetpath

(user_addr_t buf,

size_t bufsize,

user_addr_t fsid,

uint64_t objid)

vfs/vfs_syscalls.c

Obtain the full pathname of a file system object by id

428N

mach_port_name_t audit_session_self(void);

security/audit/audit_session.c

Obtain a Mach send right for the current session

429

int audit_session_join

(mach_port_name_t port);

security/audit/audit_session.c

Join the session for a given Mach port send right

430#

int fileport_makeport(int fd, user_addr_t portnamep);

kern/kern_descrip.c

Convert a file descriptor to a Mach port

431#

int fileport_makefd

(mach_port_name_t port);

kern/kern_descrip.c

Convert a mach port to a file descriptor

432#

L

int audit_session_port

(au_asid_t asid,

user_addr_t portnamep);

security/audit/audit_session.c

Obtain a Mach send right for the given session ID.

433#

int pid_suspend(int pid);

vm/vm_unix.c

Suspend process. #if CONFIG_FREEZE, this freezes the process memory.

434#

int pid_resume(int pid);

vm/vm_unix.c

Resume process. #if CONFIG_FREEZE, this thaws the process memory.

435iEL

int pid_hibernate(int pid);

vm/vm_unix.c

Hibernate all processes (currently only pid=-1 is supported)

436iEL

int pid_shutdown_sockets(int pid, int level);

vm/vm_unix.c

Shutdown according to level (as #134) all the sockets of process pid.

438L

int shared_region_map_and_slide_np(int fd, uint32_t count, const struct shared_file_mapping_np *mappings, uint32_t slide, uint64_t* slide_start, uint32_t slide_size)

vm/vm_unix.c

Used by dyld to map shared memory regions and adjust by a slide value (for ASLR or remapping).

439

ML

kas_info

vm/vm_unix.c?

Obtain kernel address space randomization (slide) value.

Likely to be present, but intentionally unsupported in iOS 6 and beyond.

440

Mav

kas_info

vm/vm_unix.c?

Obtain kernel address space randomization (slide) value.

Likely to be present, but intentionally unsupported in iOS 6 and beyond.

445

Mav

usrctl

kern_xxx.c

Force POSIX semaphore and shared memory cache purge. Usable only by launchd(1).

 

 


Legend:

 

A:

Conditional on CONFIG_AUDIT. Not present in iOS.

D:

Deprecated, or not implemented

E:

Conditional on CONFIG_EMBEDDED (found in iOS)

H:

No man page, but can be found in /usr/include headers

i:

Present in iOS, but not in OS X

L:

New in Lion/iOS

M:

New in Mountain Lion

N:

No man page, not syscall stub in /usr/include headers

O:

Found on OS X, but not on iOS

S:

Conditional on CONFIG_SOCKETS (found in both OS X and iOS)

V:

Conditional on CONFIG_SYSV. Not found in iOS

#:

Renumbered in Lion


Appendix II: Mach traps (system calls) in XNU

 

#

Trap prototype

File

Notes

10 (i,M)

_kernelrpc_mach_vm_allocate_trap

?

Trap interface to mach_vm_allocate

11 (i,M)

_kernelrpc_ _vm_allocate_trap

?

Trap interface to vm_allocate

12 (i,M)

_kernelrpc_mach_vm_deallocate_trap

?

Trap interface to mach_vm_deallocate

13 (i,M)

_kernelrpc _vm_deallocate_trap

?

Trap interface to vm_deallocate

14 (i,M)

_kernelrpc_mach_vm_protect_trap

?

Trap interface to mach_vm_protect

15 (i,M)

_kernelrpc_vm_protect_trap

?

Trap interface to vm_protect

16 (i,M)

_kernelrpc_mach_port_allocate_trap

?

Trap interface to mach_port_allocate

17 (i,M)

_kernelrpc_mach_port_destroy_trap

?

Trap interface to mach_port_destroy

18 (i,M)

_kernelrpc_mach_port_deallocate_trap

?

Trap interface to mach_port_deallocate

19 (i,M)

_kernelrpc_mach_port_mod_refs_trap

 

?

Trap interface to mach_port_mod_refs

20 (i,M)

_kernelrpc_mach_port_move_member_trap

?

Trap interface to mach_port_move_member

21 (i,M)

_kernelrpc_mach_port_insert_right_trap

?

Trap interface to mach_port_insert_right

22 (i,M)

_kernelrpc_mach_port_insert_member_trap

?

Trap interface to mach_port_insert_member

23 (i,M)

_kernelrpc_mach_port_extract_member_trap

?

Trap interface to mach_port_extract_member

26

mach_reply_port

osfmk/kern/ipc_tt.c:

Allocate a port for caller

27

thread_self_trap

osfmk/kern/ipc_tt.c

Give the caller send rights for his own task port. Wrapped by mach_thread_self()

28

task_self_trap

osfmk/kern/ipc_tt.c

Give the caller send rights for his own task port. Wrapped by mach_task_self()

29

host_self_trap

osfmk/kern/ipc_host.c

Give the caller send rights for his own host port. Wrapped by mach_host_self()

31

mach_msg_trap

osfmk/ipc/mach_msg.c

The crux of all Mach messaging. Sends or receives a message

32

mach_msg_overwrite_trap

osfmk/ipc/mach_msg.c

As mach_msg_trap, but with an option to overwrite memory (i.e. caller supplies pointer)

33

semaphore_signal_trap

osfmk/kern/sync_sema.c

Signal a Mach semaphore (awakens a thread that is blocking on it)

34

semaphore_signal_all_trap

osfmk/kern/sync_sema.c

Same as semaphore_signal_trap, but awakens all threads blocking on the Mach semaphore.

35

semaphore_signal_thread_trap

osfmk/kern/sync_sema.c

Same as semaphore_signal_trap, but awakens a specific thread blocking on the Mach semaphore

36

semaphore_wait_trap

osfmk/kern/sync_sema.c

Block on a Mach semaphore

37

semaphore_wait_signal_trap

osfmk/kern/sync_sema.c

Atomically register a wait on a semaphore and THEN signal

 

38

semaphore_timed_wait_trap

osfmk/kern/sync_sema.c

Same as semaphore_wait_trap, but blocks until semaphore is available, or a given timeout expires. Timeout can also be {0,0}, specifying a try, rather than a block.

39

semaphore_timed_wait_signal_trap

osfmk/kern/sync_sema.c

The timed version of semaphore_wait_signal_trap

43

map_fd

bsd/kern/kern_mman.c

Not defined for iOS

44

task_name_for_pid

vm/vm_unix.c

Retrieves task port of current task.

 

Heavily guarded in iOS. Subject to MAC checks by AMFI.

45

task_for_pid

bsd/kern/kern_mman.c

As task_name_for_pid, but disallows PID 0, and calls taskgated.

 

Heavily guarded in iOS. Subject to MAC checks by AMFI.

46

pid_for_task

bsd/kern/kern_mman.c

Returns BSD PID belonging to specified task

47

kern_invalid

--

--

48

macx_swapon

vm/dp_backing_file.c

Add a file to the swapperM-^Rs backing store

49

macx_swapoff

bsd/vm/dp_backing_file.c

Remove a file from the swapperM-^Rs backing store

51

macx_triggers

bsd/vm/dp_backing_file.c

Used by dynamic_pager to set high and low water marks for swapping

52

macx_backing_store_suspend

bsd/vm/dp_backing_file.c

Toggle swapping when backing store space is low

53

macx_backing_store_recovery

bsd/vm/dp_backing_file.c

Allow current task to keep swapping even if backing store is suspend

58

pfz_exit

osfmk/kern/syscall_subr.c

Originally used to exit the Preemption Free Zone. Now done automatically. Returns KERN_SUCCESS anyway

59

swtch_pri

osfmk/kern/syscall_subr.c

Same as.swtch (#60), but depresses current threadM-^Rs priority (i.e. checks for context switch versus lower priority threads than current).

60

swtch

osfmk/kern/syscall_subr.c

Perform a check for a hyptothetical context-switch, and return TRUE if a context switch could be performed (meaning other threads are runnable, and pending), or FALSE if there is no other thread.

61

thread_switch

osfmk/kern/syscall_subr.c

Force context switch of current thread. Allows for handoff (specifying the next thread hint)

62

clock_sleep_trap

osfmk/kern/clock_oldops.c

Sleep on a clock (similar to alarm(2)).

63

kern_invalid

--

--

64-88

Reserved (--)

--

--

89

mach_timebase_info_trap

osfmk/kern/clock.c

Returns Mach timebase constant

90

mach_wait_until_trap

osfmk/kern/clock.c

Wait until deadline expiration

91

mk_timer_create_trap

osfmk/kern/mk_timer.c

Create a new mk_timer

92

mk_timer_destroy_trap

osfmk/kern/mk_timer.c

Destroy an mk_timer

93

mk_timer_arm_trap

osfmk/kern/mk_timer.c

Arm an mk_timer

94

mk_timer_cancel_trap

osfmk/kern/mk_timer.c

Cancel a pending mk_timer

100

 

iokit_user_client_trap

iokit/Kernel/IOUserClient.cpp

Obsolete trap for I/O Kit access.

 

This trap exists on iOS, though for some reason is not shown by name

? - The file name is unknown at the time of writing. This is because the XNU sources corresponding to Mountain Lion are not yet available.

 


Forum About the Book Notes News Code Samples Downloads Resources Links dock