Syscalls provide an interface to the services made available by an operating system. These system calls are generally available as C/C++ functions. They are a method for a program to request services from the kernel. It is the only method to access the kernel system.
Each system call has a number associated with it and the system call interface maintains a table indexed according to these numbers. Parameters can be passed to a system call either via -
The last two methods do not limit the number of parameters that we can supply.
There are six major categories. They will be discussed below.
It is a restricted mode with limited access to the system's resources. Code running in user mode can only make use of the system calls API. In windows, when a process is created, it is allocated a private virtual address space, which by definition cannot be accessed by other processes. This is done to ensure that if one program crashes, it is isolated and does not effect the OS or other processes.
It is a privileged mode with complete access the machine's hardware. The code has complete access to the hardware. All of the kernel mode programs share a single virtual private space. This means that all the kernel drivers (which will obviously be running in kernel mode) share the same address space, and one single write to the wrong address will crash the drivers which will in turn crash the operating system.
If a privileged instruction is tried to be executed in user mode, it is treated as illegal and trapped to the OS. A mode bit set to 1 indicates user mode and 0 indicates kernel mode. A trap happens when switching from user mode to kernel mode, where the mode bit is "trapped" to 0. Before returning the control to the user program, the mode is switched back to user mode always.