Module syscall

Accessing kernel system call information.

This library allows retrieving the kernel address of a system call given its number, and provides a table of system call numbers accessible by their names (see syscall.numbers). This is particularly useful for kernel probing (see probe) or other low-level kernel interactions.

syscall

address (syscall_number) Retrieves the kernel address of a system call.
numbers Table of system call numbers.


syscall

address (syscall_number)
Retrieves the kernel address of a system call.

Parameters:

  • syscall_number integer The system call number (e.g., __NR_openat).

Returns:

    lightuserdata The kernel address of the system call entry point, or nil if the number is invalid or the address cannot be determined.

Raises:

Error if syscall_number is out of bounds.

Usage:

    local syscall = require("syscall")
local openat_addr = syscall.address(syscall.numbers.openat)
numbers
Table of system call numbers. This table maps system call names (strings) to their corresponding kernel system call numbers (integers, e.g., __NR_openat). The availability of specific system calls depends on the kernel version and architecture, as detailed below.

Fields:

  • io_setup integer Create an asynchronous I/O context.
  • io_destroy integer Destroy an asynchronous I/O context.
  • io_submit integer Submit asynchronous I/O blocks.
  • io_cancel integer Cancel an outstanding asynchronous I/O operation.
  • setxattr integer Set an extended attribute value.
  • lsetxattr integer Set an extended attribute value of a symbolic link.
  • fsetxattr integer Set an extended attribute value of an open file.
  • getxattr integer Get an extended attribute value.
  • lgetxattr integer Get an extended attribute value of a symbolic link.
  • fgetxattr integer Get an extended attribute value of an open file.
  • listxattr integer List extended attribute names.
  • llistxattr integer List extended attribute names of a symbolic link.
  • flistxattr integer List extended attribute names of an open file.
  • removexattr integer Remove an extended attribute.
  • lremovexattr integer Remove an extended attribute of a symbolic link.
  • fremovexattr integer Remove an extended attribute of an open file.
  • getcwd integer Get current working directory.
  • lookup_dcookie integer Return a directory entry's path.
  • eventfd2 integer Create a file descriptor for event notification.
  • epoll_create1 integer Open an epoll file descriptor.
  • epoll_ctl integer Control interface for an epoll file descriptor.
  • epoll_pwait integer Wait for an I/O event on an epoll file descriptor.
  • dup integer Duplicate an old file descriptor.
  • dup3 integer Duplicate an old file descriptor to a new one with flags.
  • inotify_init1 integer Initialize an inotify instance.
  • inotify_add_watch integer Add a watch to an initialized inotify instance.
  • inotify_rm_watch integer Remove an existing watch from an inotify instance.
  • ioctl integer Control a device.
  • ioprio_set integer Set I/O scheduling class and priority.
  • ioprio_get integer Get I/O scheduling class and priority.
  • flock integer Apply or remove an advisory lock on an open file.
  • mknodat integer Create a special or ordinary file relative to a directory file descriptor.
  • mkdirat integer Create a directory relative to a directory file descriptor.
  • unlinkat integer Remove a file relative to a directory file descriptor.
  • symlinkat integer Create a symbolic link relative to a directory file descriptor.
  • linkat integer Make a new name for a file relative to a directory file descriptor.
  • umount2 integer Unmount a filesystem with flags.
  • mount integer Mount a filesystem.
  • pivot_root integer Change the root filesystem.
  • nfsservctl integer Syscall for NFS server control (obsolete).
  • fallocate integer Manipulate file space.
  • faccessat integer Check user's permissions for a file relative to a directory file descriptor.
  • chdir integer Change working directory.
  • fchdir integer Change working directory using a file descriptor.
  • chroot integer Change root directory.
  • fchmod integer Change permissions of a file given a file descriptor.
  • fchmodat integer Change permissions of a file relative to a directory file descriptor.
  • fchownat integer Change ownership of a file relative to a directory file descriptor.
  • fchown integer Change ownership of a file given a file descriptor.
  • openat integer Open or create a file relative to a directory file descriptor.
  • close integer Close a file descriptor.
  • vhangup integer Virtually hangup the current tty.
  • pipe2 integer Create a pipe with flags.
  • quotactl integer Manipulate disk quotas.
  • getdents64 integer Get directory entries.
  • read integer Read from a file descriptor.
  • write integer Write to a file descriptor.
  • readv integer Read data into multiple buffers.
  • writev integer Write data from multiple buffers.
  • pread64 integer Read from a file descriptor at a given offset.
  • pwrite64 integer Write to a file descriptor at a given offset.
  • preadv integer Read data into multiple buffers from a given offset.
  • pwritev integer Write data from multiple buffers at a given offset.
  • signalfd4 integer Create a file descriptor for accepting signals.
  • vmsplice integer Splice user pages to a pipe.
  • splice integer Splice data to/from a pipe.
  • tee integer Duplicate pipe content.
  • readlinkat integer Read value of a symbolic link relative to a directory file descriptor.
  • sync integer Commit filesystem caches to disk.
  • fsync integer Synchronize a file's in-core state with storage device.
  • fdatasync integer Synchronize a file's data in-core state with storage device.
  • timerfd_create integer Create a file descriptor for timer notifications.
  • acct integer Switch process accounting on or off.
  • capget integer Get process capabilities.
  • capset integer Set process capabilities.
  • personality integer Set the process execution domain.
  • exit integer Terminate the current process.
  • exit_group integer Terminate all threads in a process.
  • waitid integer Wait for process state changes.
  • set_tid_address integer Set pointer to thread ID.
  • unshare integer Disassociate parts of the process execution context.
  • set_robust_list integer Set the address of the robust futex list.
  • get_robust_list integer Get the address of the robust futex list.
  • getitimer integer Get value of an interval timer.
  • setitimer integer Set value of an interval timer.
  • kexec_load integer Load a new kernel for later execution.
  • init_module integer Load a kernel module.
  • delete_module integer Unload a kernel module.
  • timer_create integer Create a POSIX per-process timer.
  • timer_getoverrun integer Get POSIX per-process timer overrun count.
  • timer_delete integer Delete a POSIX per-process timer.
  • syslog integer Read and/or clear kernel message ring buffer; set console_loglevel.
  • ptrace integer Process trace.
  • sched_setparam integer Set scheduling parameters for a process.
  • sched_setscheduler integer Set scheduling policy and parameters for a process.
  • sched_getscheduler integer Get scheduling policy for a process.
  • sched_getparam integer Get scheduling parameters for a process.
  • sched_setaffinity integer Set a thread's CPU affinity mask.
  • sched_getaffinity integer Get a thread's CPU affinity mask.
  • sched_yield integer Yield the processor.
  • sched_get_priority_max integer Get maximum priority value for a scheduling policy.
  • sched_get_priority_min integer Get minimum priority value for a scheduling policy.
  • sched_rr_get_interval integer Get the SCHED_RR interval for the named process.
  • restart_syscall integer Restart a system call after a signal.
  • kill integer Send signal to a process.
  • tkill integer Send signal to a thread.
  • tgkill integer Send signal to a thread group.
  • sigaltstack integer Set and/or get signal stack context.
  • rt_sigsuspend integer Wait for a real-time signal.
  • rt_sigaction integer Examine and change a real-time signal action.
  • rt_sigprocmask integer Examine and change blocked real-time signals.
  • rt_sigpending integer Examine pending real-time signals.
  • rt_sigqueueinfo integer Queue a real-time signal and data.
  • rt_sigreturn integer Return from signal handler and cleanup stack frame.
  • setpriority integer Set program scheduling priority.
  • getpriority integer Get program scheduling priority.
  • reboot integer Reboot or enable/disable Ctrl-Alt-Del.
  • setregid integer Set real and effective group IDs.
  • setgid integer Set effective group ID.
  • setreuid integer Set real and effective user IDs.
  • setuid integer Set effective user ID.
  • setresuid integer Set real, effective and saved user IDs.
  • getresuid integer Get real, effective and saved user IDs.
  • setresgid integer Set real, effective and saved group IDs.
  • getresgid integer Get real, effective and saved group IDs.
  • setfsuid integer Set filesystem user ID.
  • setfsgid integer Set filesystem group ID.
  • times integer Get process times.
  • setpgid integer Set process group ID.
  • getpgid integer Get process group ID.
  • getsid integer Get session ID.
  • setsid integer Create a session and set the process group ID.
  • getgroups integer Get list of supplementary group IDs.
  • setgroups integer Set list of supplementary group IDs.
  • uname integer Get name and information about current kernel.
  • sethostname integer Set the system's hostname.
  • setdomainname integer Set the system's NIS/YP domain name.
  • getrusage integer Get resource usage.
  • umask integer Set file mode creation mask.
  • prctl integer Operations on a process or thread.
  • getcpu integer Determine CPU and NUMA node on which the calling thread is running.
  • getpid integer Get process ID.
  • getppid integer Get parent process ID.
  • getuid integer Get real user ID.
  • geteuid integer Get effective user ID.
  • getgid integer Get real group ID.
  • getegid integer Get effective group ID.
  • gettid integer Get thread ID.
  • sysinfo integer Get system information.
  • mq_open integer Open a POSIX message queue.
  • mq_unlink integer Unlink a POSIX message queue.
  • mq_timedsend integer Send a message to a POSIX message queue with timeout.
  • mq_timedreceive integer Receive a message from a POSIX message queue with timeout.
  • mq_notify integer Register for asynchronous notification of message arrival on a POSIX message queue.
  • mq_getsetattr integer Get/set POSIX message queue attributes.
  • msgget integer Get a System V message queue identifier.
  • msgctl integer System V message control operations.
  • msgrcv integer Receive messages from a System V message queue.
  • msgsnd integer Send a message to a System V message queue.
  • semget integer Get a System V semaphore set identifier.
  • semctl integer System V semaphore control operations.
  • semop integer System V semaphore operations.
  • shmget integer Allocates a System V shared memory segment.
  • shmctl integer System V shared memory control.
  • shmat integer Attach the System V shared memory segment to the address space of the calling process.
  • shmdt integer Detach the System V shared memory segment from the address space of the calling process.
  • socket integer Create an endpoint for communication.
  • socketpair integer Create a pair of connected sockets.
  • bind integer Bind a name to a socket.
  • listen integer Listen for connections on a socket.
  • accept integer Accept a connection on a socket.
  • connect integer Initiate a connection on a socket.
  • getsockname integer Get socket name.
  • getpeername integer Get name of connected peer socket.
  • sendto integer Send a message on a socket.
  • recvfrom integer Receive a message from a socket.
  • setsockopt integer Set options on sockets.
  • getsockopt integer Get options on sockets.
  • shutdown integer Shut down part of a full-duplex connection.
  • sendmsg integer Send a message on a socket using a message structure.
  • recvmsg integer Receive a message from a socket using a message structure.
  • readahead integer Initiate readahead on a file descriptor.
  • brk integer Change data segment size.
  • munmap integer Unmap files or devices into memory.
  • mremap integer Remap a virtual memory address.
  • add_key integer Add a key to the kernel's key management facility.
  • request_key integer Request a key from the kernel's key management facility.
  • keyctl integer Manipulate the kernel's key management facility.
  • clone integer Create a child process.
  • execve integer Execute a program.
  • rt_tgsigqueueinfo integer Send a real-time signal with data to a thread group.
  • perf_event_open integer Set up performance monitoring.
  • accept4 integer Accept a connection on a socket with flags.
  • recvmmsg integer Receive multiple messages from a socket.
  • prlimit64 integer Get and set resource limits.
  • fanotify_init integer Create and initialize fanotify group.
  • fanotify_mark integer Add, remove, or modify an fanotify mark on a filesystem object.
  • syncfs integer Commit filesystem caches to disk for a specific filesystem.
  • setns integer Reassociate thread with a namespace.
  • sendmmsg integer Send multiple messages on a socket.
  • process_vm_readv integer Read from another process's memory.
  • process_vm_writev integer Write to another process's memory.
  • kcmp integer Compare two processes to determine if they share a kernel resource.
  • finit_module integer Load a kernel module from a file descriptor.
  • sched_setattr integer Set scheduling policy and attributes for a thread.
  • sched_getattr integer Get scheduling policy and attributes for a thread.
  • renameat2 integer Rename a file or directory, with flags.
  • seccomp integer Operate on Secure Computing state of the process.
  • getrandom integer Obtain a series of random bytes.
  • memfd_create integer Create an anonymous file.
  • bpf integer Perform a BPF operation.
  • execveat integer Execute a program relative to a directory file descriptor.
  • userfaultfd integer Create a file descriptor for handling page faults in user space.
  • membarrier integer Issue memory barriers.
  • mlock2 integer Lock memory with flags.
  • copy_file_range integer Copy a range of data from one file to another.
  • preadv2 integer Read data into multiple buffers from a given offset, with flags.
  • pwritev2 integer Write data from multiple buffers at a given offset, with flags.
  • pkey_mprotect integer Set protection on a region of memory, with a protection key.
  • pkey_alloc integer Allocate a protection key.
  • pkey_free integer Free a protection key.
  • statx integer Get file status (extended).
  • rseq integer Restartable sequences.
  • kexec_file_load integer Load a new kernel for later execution from a file descriptor.
  • pidfd_send_signal integer Send a signal to a process specified by a PID file descriptor.
  • io_uring_setup integer Setup an io_uring instance.
  • io_uring_enter integer Register files or submit I/O to an io_uring instance.
  • io_uring_register integer Register files or user buffers for an io_uring instance.
  • open_tree integer Open a filesystem object by path and attribute.
  • move_mount integer Move a mount.
  • fsopen integer Open a filesystem by name and flags.
  • fsconfig integer Configure a filesystem.
  • fsmount integer Mount a filesystem.
  • fspick integer Select a filesystem by fd and path.
  • pidfd_open integer Obtain a file descriptor that refers to a process.

    --- Conditional on __ARCH_WANT_TIME32_SYSCALLS or __BITS_PER_LONG != 32 ---

  • io_getevents integer Read asynchronous I/O events from the completion queue.
  • pselect6 integer Synchronous I/O multiplexing with a timeout and a signal mask.
  • ppoll integer Wait for some event on a file descriptor with a timeout and a signal mask.
  • timerfd_settime integer Arm or disarm a timer that notifies via a file descriptor.
  • timerfd_gettime integer Get current setting of a timer that notifies via a file descriptor.
  • utimensat integer Change file last access and modification times relative to a directory file descriptor.
  • futex integer Fast user-space locking.
  • nanosleep integer High-resolution sleep.
  • timer_gettime integer Get POSIX per-process timer.
  • timer_settime integer Arm/disarm POSIX per-process timer.
  • clock_settime integer Set time of a specified clock.
  • clock_gettime integer Get time of a specified clock.
  • clock_getres integer Get resolution of a specified clock.
  • clock_nanosleep integer High-resolution sleep with a specific clock.
  • rt_sigtimedwait integer Synchronously wait for queued real-time signals.
  • gettimeofday integer Get time.
  • settimeofday integer Set time.
  • adjtimex integer Tune kernel clock.
  • semtimedop integer System V semaphore operations with timeout.
  • wait4 integer Wait for process state changes, BSD style.
  • clock_adjtime integer Tune a specified clock.
  • io_pgetevents integer Read AIO events with timeout and signal mask.

    --- Conditional on __ARCH_WANT_RENAMEAT ---

  • renameat integer Rename a file or directory relative to directory file descriptors.

    --- Conditional on __ARCH_WANT_SYNC_FILE_RANGE2 ---

  • sync_file_range2 integer Sync a file segment with disk, with flags.

    --- Conditional on !__ARCH_WANT_SYNC_FILE_RANGE2 (else part) ---

  • sync_file_range integer Sync a file segment with disk.

    --- Conditional on __ARCH_WANT_SET_GET_RLIMIT ---

  • getrlimit integer Get resource limits.
  • setrlimit integer Set resource limits.

    --- Conditional on !__ARCH_NOMMU ---

  • swapon integer Start swapping to a file or block device.
  • swapoff integer Stop swapping to a file or block device.
  • mprotect integer Set protection on a region of memory.
  • msync integer Synchronize a file with a memory map.
  • mlock integer Lock memory.
  • munlock integer Unlock memory.
  • mlockall integer Lock all pages mapped into the address space of the calling process.
  • munlockall integer Unlock all pages mapped into the address space of the calling process.
  • mincore integer Determine whether pages are resident in memory.
  • madvise integer Give advice about use of memory.
  • remap_file_pages integer Create a nonlinear file mapping.
  • mbind integer Set memory policy for a memory range.
  • get_mempolicy integer Retrieve NUMA memory policy for a thread.
  • set_mempolicy integer Set NUMA memory policy for a thread.
  • migrate_pages integer Migrate pages of the calling process to a set of nodes.
  • move_pages integer Move pages of the calling process to specific nodes.

    --- Conditional on __SYSCALL_COMPAT or __BITS_PER_LONG == 32 ---

  • clock_gettime64 integer Get time of a specified clock (64-bit time_t).
  • clock_settime64 integer Set time of a specified clock (64-bit time_t).
  • clock_adjtime64 integer Tune a specified clock (64-bit time_t).
  • clock_getres_time64 integer Get resolution of a specified clock (64-bit time_t).
  • clock_nanosleep_time64 integer High-resolution sleep with a specific clock (64-bit time_t).
  • timer_gettime64 integer Get POSIX per-process timer (64-bit time_t).
  • timer_settime64 integer Arm/disarm POSIX per-process timer (64-bit time_t).
  • timerfd_gettime64 integer Get current setting of a timerfd (64-bit time_t).
  • timerfd_settime64 integer Arm or disarm a timerfd (64-bit time_t).
  • utimensat_time64 integer Change file timestamps relative to a directory fd (64-bit time_t).
  • pselect6_time64 integer Synchronous I/O multiplexing (64-bit time_t).
  • ppoll_time64 integer Wait for some event on a file descriptor (64-bit time_t).
  • io_pgetevents_time64 integer Read AIO events with timeout and signal mask (64-bit time_t).
  • recvmmsg_time64 integer Receive multiple messages from a socket (64-bit time_t).
  • mq_timedsend_time64 integer Send a message to a POSIX message queue with timeout (64-bit time_t).
  • mq_timedreceive_time64 integer Receive a message from a POSIX message queue with timeout (64-bit time_t).
  • semtimedop_time64 integer System V semaphore operations with timeout (64-bit time_t).
  • rt_sigtimedwait_time64 integer Synchronously wait for queued real-time signals (64-bit time_t).
  • futex_time64 integer Fast user-space locking (64-bit time_t).
  • sched_rr_get_interval_time64 integer Get the SCHEDRR interval for the named process (64-bit timet).

    --- Conditional on __ARCH_WANT_SYS_CLONE3 ---

  • clone3 integer Create a child process with a new API.

    --- Conditional on LINUX_VERSION_CODE >= KERNEL_VERSION(5, 9, 0) ---

  • close_range integer Close a range of file descriptors.

    --- Conditional on LINUX_VERSION_CODE >= KERNEL_VERSION(5, 6, 0) ---

  • openat2 integer Open or create a file relative to a directory file descriptor, with extended flags.
  • pidfd_getfd integer Obtain a duplicate of another process's file descriptor.

    --- Conditional on LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0) ---

  • faccessat2 integer Check user's permissions for a file relative to a directory fd, with flags.

    --- Conditional on LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0) ---

  • process_madvise integer Give advice about use of memory to a process.

    --- Conditional on LINUX_VERSION_CODE >= KERNEL_VERSION(5, 11, 0) ---

  • epoll_pwait2 integer Wait for an I/O event on an epoll file descriptor, with extended timeout.

    --- Conditional on LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) ---

  • mount_setattr integer Change properties of a mount.

    --- Conditional on LINUX_VERSION_CODE >= KERNEL_VERSION(5, 14, 0) ---

  • quotactl_fd integer Manipulate disk quotas using a file descriptor.

    --- Conditional on LINUX_VERSION_CODE >= KERNEL_VERSION(5, 13, 0) ---

  • landlock_create_ruleset integer Create a new Landlock ruleset.
  • landlock_add_rule integer Add a new rule to a Landlock ruleset.
  • landlock_restrict_self integer Enforce a Landlock ruleset on the calling thread.

    --- Conditional on __ARCH_WANT_MEMFD_SECRET ---

  • memfd_secret integer Create an anonymous file in RAM for secrets.

    --- Conditional on LINUX_VERSION_CODE >= KERNEL_VERSION(5, 15, 0) ---

  • process_mrelease integer Release memory of a remote process.

    --- Conditional on __BITS_PER_LONG == 64 and !__SYSCALL_COMPAT ---

  • fcntl integer Manipulate file descriptor.
  • statfs integer Get filesystem statistics.
  • fstatfs integer Get filesystem statistics for an open file.
  • truncate integer Truncate a file to a specified length.
  • ftruncate integer Truncate an open file to a specified length.
  • lseek integer Reposition read/write file offset.
  • sendfile integer Transfer data between file descriptors.
  • newfstatat integer Get file status relative to a directory fd (new stat struct).
  • fstat integer Get file status for an open file (new stat struct).
  • mmap integer Map files or devices into memory.
  • fadvise64 integer Predeclare an access pattern for file data.
  • stat integer Get file status.
  • lstat integer Get symbolic link status.

    --- Conditional on __BITS_PER_LONG != 64 or __SYSCALL_COMPAT (else part of above) ---

  • fcntl64 integer Manipulate file descriptor (64-bit version).
  • statfs64 integer Get filesystem statistics (64-bit version).
  • fstatfs64 integer Get filesystem statistics for an open file (64-bit version).
  • truncate64 integer Truncate a file to a specified length (64-bit version).
  • ftruncate64 integer Truncate an open file to a specified length (64-bit version).
  • llseek integer Reposition read/write file offset (long long version).
  • sendfile64 integer Transfer data between file descriptors (64-bit version).
  • fstatat64 integer Get file status relative to a directory fd (64-bit stat struct).
  • fstat64 integer Get file status for an open file (64-bit stat struct).
  • mmap2 integer Map files or devices into memory (with offset in pages).
  • fadvise64_64 integer Predeclare an access pattern for file data (64-bit offset/len).
  • stat64 integer Get file status (64-bit stat struct).
  • lstat64 integer Get symbolic link status (64-bit stat struct).
generated by LDoc 1.5.0 Last updated 2025-06-27 17:53:55