System Calls

Apparently, the Intel architecture provides different ways of accomplishing what operating systems need in order to move between protected, or privileged, levels and modes.

	four different privilege levels, as we have seen
	call gates are machine language call instructions that allow movement from a segment that is running at a lower privilege level to a segment that has a higher privilege level.

Another way to effect movement between privilege levels is through a software interrupt (the usual mechanism discussed in textbooks), or trap instruction. The Intel architecture also provides this in the form of the INT instruction. Linux implementations use this instruction to effect system calls rather than call gates, apparently.

References

Call gates versus the INT instruction in Linux

http://www.ussg.iu.edu/hypermail/linux/kernel/9706.2/0263.html

http://ou800doc.caldera.com/en/LX_uw/LKP_system_call_interface.html

Other system call mechanisms.

With the Pentium Pro Intel apparently introduced new instructions that could also be used for system calls and return, namely SYSCALL and SYSRET instructions. I don't think these have been incorporated into linux implementations.

http://www.ussg.iu.edu/hypermail/linux/kernel/9706.2/0333.html

A reference showing how call gates could be used to exploit a flaw in a previous Linux kernel, even though Linux used the system call for its purposes.

www.isec.pl/papers/linux_kernel_do_brk.pdf

A final reference for this short presentation has this quote in it and a quick review of call gates:

The Intel i386 architecture supports a complex and confusing
protection and segmentation model relying on rings, segment selectors,
segment descriptors, gates, descriptor tables and the like.

http://www.linuxsecurity.com/content/view/102959/107/