Overview of Linux syscalls

A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z

A

accept
Accept a connection on a socket
access
Checks whether the calling process can access the pathname, dereferenced when it is a symbolic link
add_key
Create or update a key for kernel key management facility
adjtimex
Reads and optionally sets adjustment parameters for clock adjustment algorithm used on Linux (RFC 5905)
alarm
Schedule an alarm; it lets the system generate a SIGALRM signal for the process after a specified time

B

bind
Assigns address to a socket that was created with socket()
brk
Change the location of program break, specifically the end of the process's data segment

C

cacheflush
Flushes contents of cache(s) for user addresses in specified range
capget
Retrieve thread capabilities
capset
Set thread capabilities
chdir
Change work directory
chmod
Change mode of the file, dereferenced for symbolic links
chown
Changes ownership of file specified by pathname, dereferenced if file is a symbolic link
clock_adjtime
Reads and optionally sets adjustment parameters for clock adjustment algorithm used on Linux (RFC 5905). It behaves like adjtimex(), but takes an additional clk_id argument to define the clock
clock_getres
Retrieve the resolution (precision) of a specified clock
clock_gettime
Retrieve time from specified clock
clock_settime
Set time of specified clock
clone
Similar to fork() to create a child process, with more fine-grained options to define what is shared between calling process and child. This system call can also make a new process part of newly created namespace by specifying a flag.
clone2
Specific for ia64 platform, similar to clone() but with different handling of stack assignment
clone3
Provides superset of the functionality of the older clone() interface to create child process
close
Close file descriptor
connect
Initiate connection on a defined socket
creat
Like open(), but sets flags O_CREAT|O_WRONLY|O_TRUNC
create_module
Deprecated syscall to create an entry to load a kernel module and reserve the kernel memory for it

D

delete_module
Tries to remove an unused loadable module entry which is related currently loaded Linux kernel module (LKM)
dup
Duplicate file descriptor; more specifically it allocates a new file descriptor that also refers to open file description oldfd
dup2
Same as dup(), duplicate file descriptor; difference is that it uses file descriptor number specified in newfd
dup3
Same as dup2(); difference is that caller can force close-on-exec flag (O_CLOEXEC) to be set

E

epoll_ctl
Manage (add, modify, remove) entries in epoll instance, which is used to monitor if I/O is allowed on the defined set of file descriptors. Similar to poll(), with additional benefits.
execve
Executes the program referred to by specified pathname
exit
Terminates the calling process, parent process will receive a SIGCHLD signal

F

faccessat
Similar to access(), works slightly different when pathname is relative
faccessat2
Closely similar to faccessat() but implements flags argument to correct incorrect implementation in faccessat()
fchdir
Similar to chdir, but uses open file descriptor
fchmod
Same as chmod, but used file by open file descriptor fd
fchmodat
Similar to chmod(), works slightly different when pathname is relative
fchown
Changes ownership of file, referred to by open file descriptor (fd)
fchownat
Similar to fchown(), but deals differently with relative paths
fcntl
Performs an action on file defined by a file descriptor, such as setting flags
finit_module
Similar to init_module(); loads image (ELF) but refers to a file description
flock
Apply or remove advisory lock on file
fork
Create a new child process by duplicating the calling process, with caller becoming the parent process
fstat
Similar to stat(), but uses file descriptor fd
fstatat
More generic interface to receive information that is similar to stat(), fstat(), and lstat()
fstatfs
Similar to statfs(), but uses open file referenced by descriptor fd.
ftruncate
Truncate a file open for writing to specified number of bytes, which may fill it with null bytes (\0) or decrease its size and losing data
futex
Provides a method for waiting until certain condition becomes true

G

get_current_dir_name
Like getcwd(); will retrieve current working directory but creates an array to store the value
getcwd
Copies the absolute pathname of current working directory to a buffer
getdents
Retrieve entries from a directory
getegid
Returns effective group ID of the calling process
geteuid
Retrieve effective user ID of calling process
getgid
Returns real group ID of the calling process
getgroups
Returns supplementary group IDs of calling process
getpeername
Receive address of the peer connected to a socket
getpgid
Retrieve process group ID (PGID)
getpid
Returns process ID (PID) of calling process
getppid
Returns process ID (PID) of parent of the calling process
getrandom
Receive random bytes
getrlimit
Get resource limits
getsid
Receive session ID of a defined process
getsockname
Retrieve current address of defined socket
getsockopt
Get options for socket
gettid
Returns thread ID (TID) of caller. Same as process ID (PID) for single-threaded applications, otherwise different
gettimeofday
Get time or timezone
getuid
Retrieve real user ID of calling process
getwd
Retrieves current working directory in specified pointer to a related buffer; deprecated for security and portability reasons

I

init_module
Load image (ELF) into the kernel space including the required steps to initialize it, including triggering the init() function of the module
io_cancel
Attempts to cancel asynchronous I/O operation that was submitted by io_submit()
io_submit
Submit asynchronous I/O blocks for processing, can be cancelled with io_cancel()

K

kexec_file_load
Similar to kexec_load(), but uses file descriptor for kernel and initrd (initial ram disk)
kexec_load
Load new kernel for later execution
keyctl
Allow user-space programs to take actions on keys, such as updating, revocation, ownership

L

lchown
Like chown(), does not dereference symbolic links
Create new link (hard link) to existing file
linkat
Similar to link(), but deals differently with relative paths
listen
Marks socket as a passive to allow it accepting incoming connections with accept()
lseek
Reposition file offset for read/write
lstat
Similar to stat(), but if pathname is symbolic link, return information about link and not the file that symbolic link points to

M

mkdir
Create directory
mkdirat
Similar to mkdir() but deals differently with relative paths
mknod
Create filesystem node (file, device special file, or named pipe) named pathname
mknodat
Similar to mknod, works slightly different when pathname is relative
mlock
Lock pages in a specified address range, so they are guaranteed to stay in memory instead of being swapped to disk
mlock2
Same as mlock() if flags is 0. With flag MLOCK_ONFAULT is locks the current resident pages, the mark the range so currently nonresident pages are locked later when they are used (page fault)
mlockall
Similar to mlock, but tries to lock all the memory pages of the calling process to prevent swapping
mmap
Create new mapping in the virtual address space of the calling process
mseal
Provides memory protection by allow developers to mark specific memory regions immutable, which helps with exploit mitigation
munlock
Opposite of mlock() to release lock on memory area, so it can be swapped to disk if needed
munlockall
Unlocks all memory pages of calling process so it can be swapped to disk again by the kernel
munmap
Deletes the mappings for specified address range and marks range to generate invalid memory references

N

nice
Change process priority, with +19 (lowest priority) up to to -20 (high priority)
ntp_adjtime
Doing same task as adjtimex(), but is a more portable interface

O

open
Opens file specified by pathname to allow reading or writing data
open_by_handle_at
The open_by_handle_at opens a file handle returned by a name_to_handle_at() and returns an open file descriptor.
openat
Similar to open(), but uses dirfd argument and deals differently with path

P

personality
Set or get the personality for a process, a kernel execution domain
pipe
Create a pipe that allows unidirectional communication between processes
pipe2
Similar to pipe(), to create a channel between two processes. With flag O_DIRECT it will use packet-style communication instead of a stream
poll
Similar task to select(2), which is waiting for a set of file descriptors to become available for I/O.
ppol
Let an application wait until file descriptor is available or signal is caught
prctl
Perform operations on a process or thread, such as changing its capabilities, set name of the calling thread, set the secure computing mode (seccomp), and more.
prlimit
Get and sets resource limit, combines getrlimit() and setrlimit()
ptrace
Process tracing; usually for breakpoint debugging and system call tracing

R

read
Read from file descriptor
readdir
Read a directory
readv
Read buffers from file
reboot
Reboots the system, or enables/disables reboot keystroke (default: Ctrl+Alt+Delete; changed using loadkeys(1))
recv
Like read(), but normally only used on a socket and has additional flags that can be set
recvfrom
Receives a message on a socket, close to recv(), but with additional flags related to receiving source
recvmsg
Receives a message on a socket with a predefined structure to minimize the number of arguments
rename
Rename a file, move it between directories if required
renameat
Similar to rename(), with deals differently with relative paths
renameat2
Similar to renameat() when no flags are provided, otherwise it has additional options
request_key
Request a key from kernel key management facility
rmdir
Delete directory

S

sbrk
Change the location of program break, specifically it increments the program's data space
seccomp
Perform operations on the secure computing (seccomp) state of a process
select
Let a program monitor multiple file descriptors until one or more become available for I/O actions. This system call has limitations and typically poll or epoll is used.
sendfile
Copies data between one file descriptor and another
setgid
Set effective group ID of calling process, with CAP_SETGID capability it also sets real GID and saved set-group-ID
setgroups
Defines supplementary group IDs of calling process
setpgid
Set process group ID (PGID)
setrlimit
Set resource limits
setsockopt
Set options on socket
settimeofday
Set time or timezone
setuid
Set effective user ID of calling process, with CAP_SETUID capability it also sets real UID and saved set-user-ID
sigreturn
Allow implementation of signal handlers
socket
Create endpoint for communication and return file descriptor
socketpair
Create a pair of connected sockets, for example for communication between parent and child process
stat
Get information about file
statfs
Returns information about mounted file system
Create symbolic link
symlinkat
Similar to symlink() but deals differently with relative paths

T

tee
Duplicate pipe content, does not consume the data
time
Return time; as number of seconds since the Epoch (1970-01-01 00:00:00 +0000 (UTC))
times
Get process and child process times, including CPU time in userspace and by the system for the calling process, and similar for the child processes
truncate
Truncate a writable file to specified number of bytes, which may fill it with null bytes (\0) or decrease its size and losing data

U

umask
Set file mode creation mask
uname
Retrieve name and information about the current kernel
Delete name from filesystem
unlinkat
Similar to unlink() but deals differently with relative paths
utime
Change access and modification times of inode
utimes
Similar to utime(), but uses array instead of a structure

W

wait
Suspend the execution of the calling process thread until one of its child processes terminates.
waitpid
Suspend the execution of the calling process thread until one of the specified child processes (by PID) terminates. By using specific options, also other actions like termination can be waited for. The functionality of this system call is similar to wait(), yet with more control over the children and states.
write
Write to file descriptor
writev
Writes buffers to file