Execute system calls directly

Question

Provided a user is authorized to access something, how can he execute a system call directly, like geteuid() - get effective user ID (it's just an example) from bash, how could I do it?

Invoking a system call directly involves loading one or more registers with values and executing an assembly instruction. You're not going to be able to do that directly from bash. — Andy Dalton, Nov 06 '17 at 14:17
The most straight-forward way would be to write a small C program. Are you asking for a way to do this in pure Bash? — igal, Nov 06 '17 at 14:31
I do wonder what the purpose behind this is? It doesn't make much sense to manually make the system calls e.g. for copying a file, since you could use cp or cat directly. (And that's not even very hard to do on the system call level.) Is there some specific operation or system call you have in mind, or is this just about how system calls are made in general, or something else? — ilkkachu, Nov 06 '17 at 14:47
Why do you ask? Are you looking just for id command, or are you wanting to add a new system call into your kernel and asking how you would use it? Is the question specific to geteuid or generic to all system calls of syscalls(2)? Please edit your question to improve and motivate it! — Basile Starynkevitch, Nov 06 '17 at 14:51

score 16 · Answer 1 · edited Nov 06 '17 at 16:07

User-space kernel-space communication via system calls is done in terms of memory locations and machine registers. That's way below the abstraction level of shells, which operate mainly with text strings.

That said, in bash, you can use the https://github.com/taviso/ctypes.sh plugin to get through the text-string abstraction down to C-level granularity:

$ . ctypes.sh
$ dlcall -r long geteuid
long:1001

For this particular operation though, it would be much simpler, more idiomatic, and more efficient to simply use bash's magic $UID variable.

$ echo "$EUID" #effectively a cached geteuid call
1001

ctypes.sh sounds interesting but doesn't build on macOS. – Stefan Schmidt Oct 31 '22 at 23:36 — Stefan Schmidt, Oct 31 '22 at 23:36

Basile Starynkevitch · Answer 2 · 2017-11-06T16:45:26.920

To get the uid, write your own C program (or some shell plugin, if your shell accepts them; FYI zsh can have plugins, called modules.) or more simply run the id(1) command.

For other syscalls (listed in syscalls(2)), it is the same: use some program (or some builtin or some plugin) doing them. That program could be directly coded in assembler and would use SYSCALL or SYSENTER machine instruction to do the system call, or (and much more often) it would use your C standard library and use the function from libc doing that syscall. Executables don't need to be obtained from C source (for example, busybox is coded in assembler, the Scheme bones compiler don't use any libc). However, your libc is a cornerstone of your system.

System calls changing some changeable and inheritable property of processes should be shell builtins (like cd for chdir(2), ulimit for setrlimit(2), etc...), because you might want to change the property in the shell process itself (and inherited by future command processes started by the shell). So if cd was a program it would only apply to the shell's child process running that program.

BTW, system calls make only sense when done from some process. That process can either be the shell process or some child (or descendant) process started by the shell.

Notice that Unix shells are ordinary programs. There are many of them (e.g. zsh, fish, scsh, es, etc ....)... It is an interesting exercise to code your own shell (and that can be done simply, see sash for an example; look also this for hints on globbing). Read something about Linux programming. If you are not happy with bash use another shell (perhaps changing your login shell using chsh(1)) or write your own one. Also, GNU bash is -like most other shells- free software. You can study its source code and improve it if you want to.

Execute system calls directly

2 Answers2

Linked