User space cannot be linked directly to kernel space, because that would cause security problems and system instability, increasing the chance of a system crash. User-space applications must therefore not be allowed to execute kernel code or manipulate kernel data directly. To address this, the kernel provides a mechanism by which a user-space application signals the kernel when it wishes to invoke a syscall.
On i386 the mechanism works as follows:
- The user-space application executes an interrupt instruction (int) with a value of 0x80.
- This signals the kernel and switches to kernel space.
- The kernel executes a software interrupt handler.
Let's take a look at how a simple ASM program (just 2 instructions) works to make the concept clear:
mov eax,1 ; 1 is the syscall number for exit
int 0x80 ; switch to kernel space and execute exit()
How it works (on i386):
- Move 1 to 'eax' (syscall number), which happens to be exit().
- Switch to kernel space.
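
The following is an added example, not code from the original page: a complete NASM program that extends the two instructions above to show the rest of the i386 Linux convention (arguments in ebx, ecx and edx, result returned in eax). The file name hello.asm, the labels and the message are constructed for illustration.

```nasm
; Build and run on 32-bit-capable Linux (assumes nasm and GNU ld are installed):
;   nasm -f elf32 hello.asm -o hello.o
;   ld -m elf_i386 hello.o -o hello
;   ./hello ; echo $?
section .data
msg:     db "hello from int 0x80", 10   ; constructed sample message
msg_len  equ $ - msg                    ; length computed by the assembler

section .text
global _start
_start:
    mov eax, 4          ; syscall number 4 = write on i386 Linux
    mov ebx, 1          ; arg 1: file descriptor 1 (stdout)
    mov ecx, msg        ; arg 2: pointer to the buffer in user space
    mov edx, msg_len    ; arg 3: number of bytes to write
    int 0x80            ; trap into the kernel; the result comes back in eax

    xor ebx, ebx        ; default exit status 0
    test eax, eax       ; the kernel returns a negative errno value on failure
    jns .done           ; non-negative: write succeeded
    mov ebx, 1          ; exit status 1 if write failed
.done:
    mov eax, 1          ; syscall number 1 = exit, status taken from ebx
    int 0x80            ; does not return
```

The two-instruction program never sets ebx, so its exit status is whatever value that register happens to hold; setting it explicitly, as here, makes the status well defined.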