What is a System Call?
A system call (syscall) is a mechanism that allows a program to interact with the operating system. It acts as a bridge between the user space (where applications run) and the kernel space (where the operating system manages hardware and system resources). Programs use system calls to request services from the OS, such as managing files, processes, or hardware devices.
For example, when you open a file, your application cannot directly access the hardware. Instead, it makes a system call (e.g., open()), which the OS handles to perform the requested task.
Note that this is not a guide to every syscall; it is meant to get you familiar enough with syscalls and strace.
Why Should You Learn About System Calls?
1. Understanding How Programs Work: System calls reveal how applications interact with the operating system to perform tasks like file handling, memory management, and networking.
2. Efficient Troubleshooting: Knowing system calls can help diagnose performance issues or bugs by identifying which calls a program relies on.
3. Optimizing Software: When developing programs, understanding system calls allows you to write efficient code by leveraging the right OS-level functions.
4. Security Awareness: Many exploits and vulnerabilities target how system calls are used (or misused). Understanding them helps in writing secure code.
5. Kernel-Level Development: If you're interested in low-level programming, such as operating system development or driver creation, system calls are fundamental.
Basically, system calls are the foundation of how software and operating systems interact, making them essential knowledge for both beginner and advanced developers.
Categories of System Calls
System calls are grouped into five main categories:
- Process Control – Manage processes (create, terminate, etc.).
- File Management – Handle file operations (open, read, write, close).
- Device Management – Interact with hardware devices.
- Information Maintenance – Exchange information between the OS and programs.
- Communication – Enable processes to communicate.
1. Process Control
- fork(): Creates a new process (child) that runs the same program as the parent.
- exit(): Terminates the process and frees resources.
- exec(): Replaces the current program in a process with a new one.
2. File Management
- open(): Opens a file for reading or writing.
- read(): Reads data from a file (multiple processes can read simultaneously).
- write(): Writes data to a file (only one process can write at a time).
- close(): Closes an open file.
3. Device Management
- ioctl(): Performs device-specific operations not covered by standard calls (e.g., configuring hardware).
4. Information Maintenance
- getpid(): Returns the process ID of the current process.
- alarm(): Sets a timer to deliver a signal after a specified time.
- sleep(): Pauses the process for a given time.
5. Communication
- pipe(): Enables communication between processes via file descriptors.
- shmget(): Allocates shared memory for process communication.
- mmap(): Maps files or devices into a process's memory.
Why Use strace?
- Debug program behavior (e.g., "Why is this program failing?").
- Identify which files, devices, or network resources a program accesses.
- Learn what system calls a program makes for educational purposes.
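The first two questions in the list above (why a program is failing, and which files or network resources it touches) can be answered mechanically from strace output. The following is an added example, not part of the original guide: a small Python parser run over a constructed sample in the line format `strace -f` prints. The sample lines, paths, address and the names `parse` and `summarize` are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample in the line format `strace -f` prints (not a real capture).
SAMPLE = r'''
execve("/usr/bin/app", ["app"], 0x7ffd5e0 /* 20 vars */) = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1"..., 832) = 832
close(3) = 0
openat(AT_FDCWD, "/etc/app/app.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  4242] openat(AT_FDCWD, "/var/lib/app/key.pem", O_RDONLY) = -1 EACCES (Permission denied)
[pid  4242] connect(4, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("192.0.2.10")}, 16) = 0
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4242} ---
+++ exited with 1 +++
'''

# Optional "[pid N]" prefix, syscall name, raw arguments, return value, optional errno name.
LINE = re.compile(r'^(?:\[pid\s+(\d+)\]\s+)?(\w+)\((.*)\)\s+=\s+'
                  r'(0x[0-9a-f]+|-?\d+|\?)(?:\s+(E[A-Z0-9]+))?')
QUOTED = re.compile(r'"((?:[^"\\]|\\.)*)"')  # first quoted argument (path or address)

def parse(text):
    """Turn strace output into one dict per completed syscall line."""
    events = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:  # blank lines, signal (---) and exit (+++) markers, split calls
            continue
        pid, call, args, ret, errno = m.groups()
        events.append({"pid": pid, "call": call, "args": args, "ret": ret, "errno": errno})
    return events

def summarize(events):
    """Report which files were opened and which calls failed, with their errno."""
    opened, failed = [], []
    for e in events:
        q = QUOTED.search(e["args"])
        target = q.group(1) if q else None
        if e["errno"]:
            failed.append((e["call"], target, e["errno"]))
        elif e["call"] in ("open", "openat"):
            opened.append(target)
    return {"counts": Counter(e["call"] for e in events), "opened": opened, "failed": failed}

if __name__ == "__main__":
    report = summarize(parse(SAMPLE))
    print("opened:", report["opened"])
    for call, target, errno in report["failed"]:
        print(f"failed: {call} {target} -> {errno}")
```

To use it on a real trace, write strace's output to a file with its `-o` option and pass the file's contents to `parse`; calls that strace splits across lines as unfinished and resumed are skipped by this parser.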