本文实现一个简单的系统调用实现，支持输入字符串参数，并返回一个结果字符串。
以下是验证步骤：

1. 添加系统调用编号

试验使用的是 x86_64 架构的 Linux 内核。
找到并编辑 arch/x86/entry/syscalls/syscall_64.tbl 文件，在文件末尾添加新的系统调用号和函数映射，这里使用 548 作为新系统调用编号：

548  64  say_hello   sys_say_hello

2. 添加系统调用实现

在合适的内核源码文件中（如 kernel/sys.c ），末尾添加系统调用函数实现：

SYSCALL_DEFINE3(say_hello, const char __user *, name, char __user *, result, size_t, result_len)
{char kname[256];  // 假设最大长度为256char msg[512];size_t msg_len;// 从用户态复制参数if (copy_from_user(kname, name, sizeof(kname))) {return -EFAULT;}// 构建返回消息snprintf(msg, sizeof(msg), "Welcome %s", kname);msg_len = strnlen(msg, sizeof(msg)) + 1;// 检查结果缓冲区长度是否足够if (result_len < msg_len) {return -ENOSPC;}// 将结果复制到用户态缓冲区if (copy_to_user(result, msg, msg_len)) {return -EFAULT;}return 0;
}

SYSCALL_DEFINE3 宏将自动处理系统调用的关联注册、参数传递处理等，无需其它操作。

3. 编译并安装内核

编译环境准备参见：https://blog.csdn.net/shida_csdn/article/details/139780103

make INSTALL_MOD_STRIP=1 binrpm-pkg -j 8
cd /root/rpmbuild/RPMS/x86_64
yum localinstall *
reboot

重启后，选择新内核

4. 验证系统调用

编写用户态测试程序 say_hello.c ：

#include <stdio.h>
#include <unistd.h>
#include <sys/syscall.h>
#include <string.h>int main() {char name[] = "Alice";char result[120];long res = syscall(548, name, result, sizeof(result));if (res == 0) {printf("%s\n", result);} else {printf("System call failed with error code: %ld\n", res);}return 0;
}

编译并运行：

gcc -o say_hello say_hello.c
./say_hello# 会看到输出如下内容，证明系统调用成功
Welcome Alice

x86_64 的系统调用的参数传递使用的寄存器，可以在源码 arch/x86/entry/entry_64.S 中找到，最多支持 6 个参数：

* 64-bit SYSCALL instruction entry. Up to 6 arguments in registers.** This is the only entry point used for 64-bit system calls.  The* hardware interface is reasonably well designed and the register to* argument mapping Linux uses fits well with the registers that are* available when SYSCALL is used.** SYSCALL instructions can be found inlined in libc implementations as* well as some other programs and libraries.  There are also a handful* of SYSCALL instructions in the vDSO used, for example, as a* clock_gettimeofday fallback.** 64-bit SYSCALL saves rip to rcx, clears rflags.RF, then saves rflags to r11,* then loads new ss, cs, and rip from previously programmed MSRs.* rflags gets masked by a value from another MSR (so CLD and CLAC* are not needed). SYSCALL does not save anything on the stack* and does not change rsp.** Registers on entry:* rax  system call number* rcx  return address* r11  saved rflags (note: r11 is callee-clobbered register in C ABI)* rdi  arg0* rsi  arg1* rdx  arg2* r10  arg3 (needs to be moved to rcx to conform to C ABI)* r8   arg4* r9   arg5* (note: r12-r15, rbp, rbx are callee-preserved in C ABI)** Only called from user space.