Now, since we use instructions that are specific to the CPU architecture, we’ll need different functions depending on if you run an older Mac with an intel CPU or if you run a newer Mac with an Arm 64-based CPU. We only present the one working for the new M series of chips using an ARM 64 architecture, but don’t worry, if you’ve cloned the Github repository, you’ll find code that works on both versions of Mac there.
Since there are only minor changes, I’ll present the whole example here and just go through the differences.
Remember, you need to run this code on a machine with macOS and an M-series chip. You can’t try this in the Rust playground.
ch03/a-raw-syscall
use std::arch::asm;
fn main() {
let message = “Hello world from raw syscall!\n”
let message = String::from(message);
syscall(message);
}
#[inline(never)]
fn syscall(message: String) {
let ptr = message.as_ptr();
let len = message.len();
unsafe {
asm!(
“mov x16, 4”,
“mov x0, 1”,
“svc 0”,
in(“x1”) ptr,
in(“x2”) len,
out(“x16”) _,
out(“x0”) _,
lateout(“x1”) _,
lateout(“x2”) _
);
}
}
Aside from different register naming, there is not that much difference from the one we wrote for Linux, with the exception of the fact that a write operation has the code 4 on macOS instead of 1 as it did on Linux. Also, the CPU instruction that issues a software interrupt is svc 0 instead of syscall.
Again, if you run this on macOS, you’ll get the following printed to your console:
Hello world from raw syscall!
What about raw syscalls on Windows?
This is a good opportunity to explain why writing raw syscalls, as we just did, is a bad idea if you want your program or library to work across platforms.
You see, if you want your code to work far into the future, you have to worry about what guarantees the OS gives. Linux guarantees that, for example, the value 1 written to the rax register will always refer to write, but Linux works on many platforms, and not everyone uses the same CPU architecture. We have the same problem with macOS that just recently changed from using an Intel-based x86_64 architecture to an ARM 64-based architecture.
Windows gives absolutely zero guarantees when it comes to low-level internals such as this. Windows has changed its internals numerous times and provides no official documentation on this matter. The only things we have are reverse-engineered tables that you can find on the internet, but these are not a robust solution since what was a write syscall can be changed to a delete syscall the next time you run Windows update. Even if that’s unlikely, you have no guarantee, which in turn makes it impossible for you to guarantee to users of your program that it’s going to work in the future.
So, while raw syscalls in theory do work and are good to be familiar with, they mostly serve as an example of why we’d rather link to the libraries that the different operating systems supply for us when making syscalls. The next segment will show how we do just that.
Leave a Reply