1Userspaceuser application
2UserspaceGNU C library (glibc)
3KernelspaceSystem Call Interface
4KernelspaceSubsystems: virtual filesystem, memory management, process management
5KernelspaceArchitecture Dependent Code, device drivers
6HardwarePhysical devices


  • The application is setting up the system call number and parameters, and it issues a trap instruction
  • The execution mode switches from user to kernel, raised the privilege level to kernel mode; the CPU switches to a kernel stack; the user stack and the return address to user space is saved on the kernel stack
  • The kernel entry point saves registers on the kernel stack
  • The system call dispatcher identifies the system call function and runs it
  • The user space registers are restored and execution is switched back to user (e.g. calling IRET); reduce the privilege level back to user mode
  • The user space application resumes

Parameters Handling

Pointers have a few important special cases that must be checked:

  • Never allow pointers to kernel-space

  • Check for invalid pointers

  • Check the pointer against the user address space before using it, or

  • Avoid checking the pointer and rely on the MMU to detect when the pointer is invalid and use the page fault handler to determine that the pointer was invalid