If you mean library calls, such as those found in fcntl.h
, they are not part of the kernel, they are part of glibc
.
If you reference actual kernel calls, the sys_xyzzy
system call is usually handled by the sys_xyzzy
function.
The entry.S file, at least in version 2.4 (I did not look at later kernels), contained tables for mapping system calls to functions:
.data ENTRY(sys_call_table) .long SYMBOL_NAME(sys_ni_syscall) .long SYMBOL_NAME(sys_exit) .long SYMBOL_NAME(sys_fork) .long SYMBOL_NAME(sys_read) .long SYMBOL_NAME(sys_write) .long SYMBOL_NAME(sys_open) .long SYMBOL_NAME(sys_close) .long SYMBOL_NAME(sys_waitpid) .long SYMBOL_NAME(sys_creat) .long SYMBOL_NAME(sys_link) .long SYMBOL_NAME(sys_unlink) .long SYMBOL_NAME(sys_execve) .long SYMBOL_NAME(sys_chdir) .long SYMBOL_NAME(sys_time) .long SYMBOL_NAME(sys_mknod) .long SYMBOL_NAME(sys_chmod) : .long SYMBOL_NAME(sys_ni_syscall) .long SYMBOL_NAME(sys_ni_syscall)
KernelGrok seems to have a useful page showing system calls, their names, parameters, and where to look for the source. For example (slightly reformatted):
0 sys_restart_syscall eax = 0x00 kernel/signal.c:2058 1 sys_exit eax = 0x01 ebx = int error_code kernel/exit.c:1046 2 sys_fork eax = 0x02 ebx = struct pt_regs * arch/alpha/kernel/entry.S:716 3 sys_read eax = 0x03 ebx = unsigned int fd ecx = char __user *buf edx = size_t count fs/read_write.c:391 4 sys_write eax = 0x04 ebx = unsigned int fd ecx = const char __user *buf edx = size_t count fs/read_write.c:408 :
etc. But, as an old school, I prefer to store the kernel source files and just use grep
source share