How do syscalls work
A system call is a defined transition from user mode to system (kernel) mode. On Linux i386 this transition is made through an interrupt, and interrupt 0x80 is reserved for this purpose alone.
The user calls a library function. That function writes its arguments and the system call number into the defined transfer registers and raises interrupt 0x80. When the interrupt service routine (ISR) returns, the library function reads the result from the designated transfer register and returns it to the caller.
The actual work of the system call is done by the interrupt routine, which begins at the entry address system_call(), held in the file arch/i386/kernel/entry.S.
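The following C program is an added example, not code from the original post or from the kernel sources. It shows the user-space half of the mechanism described above: the system call number and arguments are loaded into the transfer registers, the trap is taken, and the value that comes back is interpreted the way a libc wrapper interprets it (a result in the range -4095..-1 is a negated errno value, everything else is the return value). The i386 path uses `int $0x80` with the eax/ebx/ecx/edx convention; on x86-64 the kernel is entered with the `syscall` instruction and the rax/rdi/rsi/rdx convention instead, and other architectures fall back to libc's generic `syscall()` wrapper. The function names `raw_syscall3`, `libc_style_wrapper`, `raw_getpid_matches_libc` and `bad_fd_errno` are hypothetical names chosen for this example.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Trap into the kernel with a system call number and up to three
 * arguments in the transfer registers. Returns the raw kernel result:
 * >= 0 on success, -errno on failure (the kernel does not touch errno). */
static long raw_syscall3(long nr, long a1, long a2, long a3)
{
    long ret;
#if defined(__i386__)
    /* i386 ABI: eax = number, ebx/ecx/edx = args, "int $0x80" traps.
     * The result comes back in eax. */
    __asm__ volatile ("int $0x80"
                      : "=a"(ret)
                      : "a"(nr), "b"(a1), "c"(a2), "d"(a3)
                      : "memory");
#elif defined(__x86_64__)
    /* x86-64 ABI: rax = number, rdi/rsi/rdx = args, the "syscall"
     * instruction replaces int 0x80; the kernel clobbers rcx and r11. */
    __asm__ volatile ("syscall"
                      : "=a"(ret)
                      : "a"(nr), "D"(a1), "S"(a2), "d"(a3)
                      : "rcx", "r11", "memory");
#else
    /* Other architectures (assumption: glibc-style syscall() available):
     * libc already converts -errno into errno/-1, so undo that here to
     * return the same raw form as the inline-assembly paths. */
    errno = 0;
    ret = syscall(nr, a1, a2, a3);
    if (ret == -1 && errno != 0)
        ret = -errno;
#endif
    return ret;
}

/* What the library function does after the trap returns: a value in
 * [-4095, -1] is an error code, so store it in errno and return -1;
 * anything else is handed back to the caller unchanged. */
static long libc_style_wrapper(long raw)
{
    if (raw < 0 && raw >= -4095) {
        errno = (int)-raw;
        return -1;
    }
    return raw;
}

/* Returns 1 when the raw getpid result equals libc's getpid(). */
int raw_getpid_matches_libc(void)
{
    long raw = raw_syscall3(SYS_getpid, 0, 0, 0);
    return libc_style_wrapper(raw) == (long)getpid();
}

/* Writes one byte to an invalid file descriptor and returns the errno
 * the wrapper produced (EBADF on Linux), or 0 if the call did not fail. */
int bad_fd_errno(void)
{
    char buf[1] = { 'x' };                       /* constructed input */
    long raw = raw_syscall3(SYS_write, -1, (long)buf, 1);
    long r = libc_style_wrapper(raw);
    return r == -1 ? errno : 0;
}

int main(void)
{
    printf("raw getpid matches libc: %d\n", raw_getpid_matches_libc());
    printf("write(-1, ...) errno: %d (EBADF is %d)\n", bad_fd_errno(), EBADF);
    return 0;
}
```

The negative-errno convention is why a raw trap must never be handed straight to callers: the kernel reports failure in the same register that carries a successful return value, and it is the wrapper's range check that separates the two. Compile with a normal `gcc`; the i386 path needs a 32-bit toolchain (`-m32`).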
Here we explain the broad-level functioning of system_call:
1. All regs for the process are saved.
2.
My meanderings into the heart of Linux Kernel