# The idea of sys .linux is to define an near-isomorphic yet # elymas-style interface to syscalls # argument order tends to follow kernel API < 43 ==:ACCEPT 288 ==:ACCEPT64 21 ==:ACCESS 163 ==:ACCT 248 ==:ADD_KEY 159 ==:ADJTIMEX 183 ==:AFS_SYSCALL 37 ==:ALARM 158 ==:ARCH_PRCTL 49 ==:BIND 12 ==:BRK 125 ==:CAPGET 126 ==:CAPSET 80 ==:CHDIR 90 ==:CHMOD 92 ==:CHOWN 161 ==:CHROOT 229 ==:CLOCK_GETRES 228 ==:CLOCK_GETTIME 230 ==:CLOCK_NANOSLEEP 227 ==:CLOCK_SETTIME 56 ==:CLONE 3 ==:CLOSE 42 ==:CONNECT 85 ==:CREAT 174 ==:CREATE_MODULE 176 ==:DELETE_MODULE 32 ==:DUP 33 ==:DUP2 292 ==:DUP3 213 ==:EPOLL_CREATE 291 ==:EPOLL_CREATE1 233 ==:EPOLL_CTL 214 ==:EPOLL_CTL_OLD 281 ==:EPOLL_PWAIT 232 ==:EPOLL_WAIT 215 ==:EPOLL_WAIT_OLD 284 ==:EVENTFD 290 ==:EVENTFD2 59 ==:EXECVE 60 ==:EXIT 231 ==:EXIT_GROUP 269 ==:FACCESSAT 221 ==:FADVISE64 285 ==:FALLOCATE 300 ==:FANOTIFY_INIT 301 ==:FANOTIFY_MARK 81 ==:FCHDIR 91 ==:FCHMOD 268 ==:FCHMODAT 93 ==:FCHOWN 260 ==:FCHOWNAT 72 ==:FCNTL 75 ==:FDATASYNC 193 ==:FGETXATTR 196 ==:FLISTXATTR 73 ==:FLOCK 57 ==:FORK 199 ==:FREMOVEXATTR 190 ==:FSETXATTR 5 ==:FSTAT 138 ==:FSTATFS 74 ==:FSYNC 77 ==:FTRUNCATE 202 ==:FUTEX 261 ==:FUTIMESAT 177 ==:GET_KERNEL_SYMS 239 ==:GET_MEMPOLICY 274 ==:GET_ROBUST_LIST 211 ==:GET_THREAD_AREA 79 ==:GETCWD 78 ==:GETDENTS 217 ==:GETDENTS64 108 ==:GETEGID 107 ==:GETEUID 104 ==:GETGID 115 ==:GETGROUPS 36 ==:GETITIMER 52 ==:GETPEERNAME 121 ==:GETPGID 111 ==:GETPGRP 39 ==:GETPID 181 ==:GETPMSG 110 ==:GETPPID 140 ==:GETPRIORITY 120 ==:GETRESGID 118 ==:GETRESUID 97 ==:GETRLIMIT 98 ==:GETRUSAGE 124 ==:GETSID 51 ==:GETSOCKNAME 55 ==:GETSOCKOPT 186 ==:GETTID 96 ==:GETTIMEOFDAY 102 ==:GETUID 191 ==:GETXATTR 175 ==:INIT_MODULE 254 ==:INOTIFY_ADD_WATCH 253 ==:INOTIFY_INIT 294 ==:INOTIFY_INIT1 255 ==:INOTIFY_RM_WATCH 210 ==:IO_CANCEL 207 ==:IO_DESTROY 208 ==:IO_GETEVENTS 206 ==:IO_SETUP 209 ==:IO_SUBMIT 16 ==:IOCTL 173 ==:IOPERM 172 ==:IOPL 252 ==:IOPRIO_GET 251 ==:IOPRIO_SET 246 ==:KEXEC_LOAD 250 ==:KEYCTL 62 ==:KILL 94 ==:LCHOWN 192 ==:LGETXATTR 86 ==:LINK 265 ==:LINKAT 50 ==:LISTEN 194 ==:LISTXATTR 195 ==:LLISTXATTR 212 ==:LOOKUP_DCOOKIE 198 ==:LREMOVEXATTR 8 ==:LSEEK 189 ==:LSETXATTR 6 ==:LSTAT 28 ==:MADVISE 237 ==:MBIND 256 ==:MIGRATE_PAGES 27 ==:MINCORE 83 ==:MKDIR 258 ==:MKDIRAT 133 ==:MKNOD 259 ==:MKNODAT 149 ==:MLOCK 151 ==:MLOCKALL 9 ==:MMAP 154 ==:MODIFY_LDT 165 ==:MOUNT 279 ==:MOVE_PAGES 10 ==:MPROTECT 245 ==:MQ_GETSETATTR 244 ==:MQ_NOTIFY 240 ==:MQ_OPEN 243 ==:MQ_TIMEDRECEIVE 242 ==:MQ_TIMEDSEND 241 ==:MQ_UNLINK 25 ==:MREMAP 71 ==:MSGCTL 68 ==:MSGGET 70 ==:MSGRCV 69 ==:MSGSND 26 ==:MSYNC 150 ==:MUNLOCK 152 ==:MUNLOCKALL 11 ==:MUNMAP 35 ==:NANOSLEEP 262 ==:NEWFSTATAT 180 ==:NFSSERVCTL 2 ==:OPEN 257 ==:OPENAT 34 ==:PAUSE 298 ==:PERF_EVENT_OPEN 135 ==:PERSONALITY 22 ==:PIPE 293 ==:PIPE2 155 ==:PIVOT_ROOT 7 ==:POLL 271 ==:PPOLL 157 ==:PRCTL 17 ==:PREAD64 295 ==:PREADV 302 ==:PRLIMIT64 270 ==:PSELECT6 101 ==:PTRACE 182 ==:PUTPMSG 18 ==:PWRITE64 296 ==:PWRITEV 178 ==:QUERY_MODULE 179 ==:QUOTACTL 0 ==:READ 187 ==:READAHEAD 89 ==:READLINK 267 ==:READLINKAT 19 ==:READV 169 ==:REBOOT 45 ==:RECVFROM 299 ==:RECVMMSG 47 ==:RECVMSG 216 ==:REMAP_FILE_PAGES 197 ==:REMOVEXATTR 82 ==:RENAME 264 ==:RENAMEAT 249 ==:REQUEST_KEY 219 ==:RESTART_SYSCALL 84 ==:RMDIR 13 ==:RT_SIGACTION 127 ==:RT_SIGPENDING 14 ==:RT_SIGPROCMASK 129 ==:RT_SIGQUEUEINFO 15 ==:RT_SIGRETURN 130 ==:RT_SIGSUSPEND 128 ==:RT_SIGTIMEDWAIT 297 ==:RT_TGSIGQUEUEINFO 146 ==:SCHED_GET_PRIORITY_MAX 147 ==:SCHED_GET_PRIORITY_MIN 204 ==:SCHED_GETAFFINITY 143 ==:SCHED_GETPARAM 145 ==:SCHED_GETSCHEDULER 148 ==:SCHED_RR_GET_INTERVAL 203 ==:SCHED_SETAFFINITY 142 ==:SCHED_SETPARAM 144 ==:SCHED_SETSCHEDULER 24 ==:SCHED_YIELD 185 ==:SECURITY 23 ==:SELECT 66 ==:SEMCTL 64 ==:SEMGET 65 ==:SEMOP 220 ==:SEMTIMEDOP 40 ==:SENDFILE 46 ==:SENDMSG 44 ==:SENDTO 238 ==:SET_MEMPOLICY 273 ==:SET_ROBUST_LIST 205 ==:SET_THREAD_AREA 218 ==:SET_TID_ADDRESS 171 ==:SETDOMAINNAME 123 ==:SETFSGID 122 ==:SETFSUID 106 ==:SETGID 116 ==:SETGROUPS 170 ==:SETHOSTNAME 38 ==:SETITIMER 109 ==:SETPGID 141 ==:SETPRIORITY 114 ==:SETREGID 119 ==:SETRESGID 117 ==:SETRESUID 113 ==:SETREUID 160 ==:SETRLIMIT 112 ==:SETSID 54 ==:SETSOCKOPT 164 ==:SETTIMEOFDAY 105 ==:SETUID 188 ==:SETXATTR 30 ==:SHMAT 31 ==:SHMCTL 67 ==:SHMDT 29 ==:SHMGET 48 ==:SHUTDOWN 131 ==:SIGALTSTACK 282 ==:SIGNALFD 289 ==:SIGNALFD4 41 ==:SOCKET 53 ==:SOCKETPAIR 275 ==:SPLICE 4 ==:STAT 137 ==:STATFS 168 ==:SWAPOFF 167 ==:SWAPON 88 ==:SYMLINK 266 ==:SYMLINKAT 162 ==:SYNC 277 ==:SYNC_FILE_RANGE 156 ==:SYSCTL 139 ==:SYSFS 99 ==:SYSINFO 103 ==:SYSLOG 276 ==:TEE 234 ==:TGKILL 201 ==:TIME 222 ==:TIMER_CREATE 226 ==:TIMER_DELETE 225 ==:TIMER_GETOVERRUN 224 ==:TIMER_GETTIME 223 ==:TIMER_SETTIME 283 ==:TIMERFD_CREATE 287 ==:TIMERFD_GETTIME 286 ==:TIMERFD_SETTIME 100 ==:TIMES 200 ==:TKILL 76 ==:TRUNCATE 184 ==:TUXCALL 95 ==:UMASK 166 ==:UMOUNT2 63 ==:UNAME 87 ==:UNLINK 263 ==:UNLINKAT 272 ==:UNSHARE 134 ==:USELIB 136 ==:USTAT 132 ==:UTIME 280 ==:UTIMENSAT 235 ==:UTIMES 58 ==:VFORK 153 ==:VHANGUP 278 ==:VMSPLICE 236 ==:VSERVER 61 ==:WAIT4 247 ==:WAITID 1 ==:WRITE 20 ==:WRITEV 0 ==errno bin .scan "->" via # defines a syscall which has identical argument order # to kernel API and returns the raw return value { # ==name ==f -01 { sys .asm .syscall =errno } ; -01 deffd }' /defStdSyscall deff { 0 0 0 0 0 CLOSE } /close defStdSyscall # 0 <- raw return value # 1 <- seconds since 1970 # 2 <- microseconds since 1970 { # struct timeval takes 16 bytes on a x64 16 str .alloc ==buf buf 0 0 0 0 0 GETTIMEOFDAY sys .asm .syscall =errno buf ->u64 -01 ->u64 -023 } /gettimeofday deffd # 0 -> path to stat # 0 <- raw return value # 1 <- (struct stat)-like scope { # ==filename # struct stat takes 144 bytes on a x64 144 str .alloc ==buf buf 0 0 0 0 STAT sys .asm .syscall =errno buf < ->u64 ==dev ->u64 ==ino ->u64 ==mode ->u64 ==nlink ->u64 ==uid ->u64 ==gid ->u64 ==rdev ->u64 ==size ->u64 ==blksize ->u64 ==blocks ->u64 ==atime ->u64 ==mtime ->u64 ==ctime > -02 } /stat deffd { 0 0 0 OPEN } /open defStdSyscall < 2 ==:PTRACEPEEKDATA 3 ==:PTRACEPEEKUSER 16 ==:PTRACEATTACH 17 ==:PTRACEDETACH { ==pid PTRACEATTACH pid 0 0 0 0 PTRACE sys .asm .syscall =errno } /attach deffd { ==pid PTRACEDETACH pid 0 0 0 0 PTRACE sys .asm .syscall =errno } /detach deffd # 0 <- raw return value # 1 <- peeked data { ==addr ==pid 8 str .alloc ==buf PTRACEPEEKDATA pid addr buf 0 0 PTRACE sys .asm .syscall =errno buf ->u64 -02 } /peek deffd < { deffd }' /defPeekUser deff [ /r15 /r14 /r13 /r12 /rbp /rbx /r11 /r10 /r9 /r8 /rax /rcx /rdx /rsi /rdi /origRax /rip /cs /eflags /rsp /ss /fs_base /gs_base /ds /es /fs /gs ] =*:userAreaNames 0 |userAreaNames len range { ==i # 0 <- raw return value # 1 <- peeked data { ==pid 8 str .alloc ==buf PTRACEPEEKUSER pid i 8 mul buf 0 0 PTRACE sys .asm .syscall =errno buf ->u64 -02 } i userAreaNames defPeekUser } each > /peekUser defvd > /ptrace defvd { 0 0 0 READ } /read defStdSyscall # 0 <- raw return value # 1 <- returned status { ==options ==pid # status is returned into an int buffer 8 str .alloc ==buf pid buf options 0 0 0 WAIT4 sys .asm .syscall =errno buf ->u64 -02 } /waitpid deffd { 0 0 0 WRITE } /write defStdSyscall > /linux sys .defv # vim: syn=elymas