syscallis the default way of entering kernel mode on
x86-64. This instruction is not available in 32 bit modes of operation on Intel processors.
sysenteris an instruction most frequently used to invoke system calls in 32 bit modes of operation. It is similar to
syscall, a bit more difficult to use though, but that is the kernel’s concern.
int 0x80is a legacy way to invoke a system call and should be avoided.
传统的int 0x80有点慢, Intel实现了sysenter和syscall, 即所谓的快速系统调用指令, 使用它们更快。
acrn@acrn:/proc$ cat /proc/self/maps | tail -2
Note that the vDSO area has moved, while the vsyscall page remains at the same location. The location of the vsyscall page is nailed down in the kernel ABI, but the vDSO area - like most other areas in the user-space memory layout - has its location randomized every time it is mapped.
acrn@acrn:/proc$ ldd /bin/sh
linux-vdso.so.1 is a virtual shared object that doesn’t have any physical file on the disk; it’s a part of the kernel that’s exported into every program’s address space when it’s loaded.
For a more detailed description,
vDSO (virtual dynamic shared object) is a kernel mechanism for exporting a carefully selected set of kernel space routines to user space applications so that applications can call these kernel space routines in-process, without incurring the performance penalty of a mode switch from user mode to kernel mode that is inherent when calling these same kernel space routines by means of the system call interface.
vDSO uses standard mechanisms for linking and loading i.e. standard Executable and Linkable Format (ELF) format. vDSO is a memory area allocated in user space which exposes some kernel functionalities. vDSO is dynamically allocated, offers improved safety through address space layout randomization, and supports more than 4 system calls. Some C standard libraries, like glibc, may provide vDSO links so that if the kernel does not have vDSO support, a traditional syscall is made. vDSO helps to reduce the calling overhead on simple kernel routines, and it also can work as a way to select the best system-call method on some computer architectures such as IA-32.
DSO was developed to offer the vsyscall features while overcoming its limitations: a small amount of statically allocated memory, which allows only 4 system calls, and the same addresses application binary interface (ABI) in each process, which compromises security. This security issue has been mitigated by emulating a virtual system call, but the emulation introduces additional latency.