SYSCALL

Fast System Call

Opcodes

Hex | Mnemonic | Encoding | Long Mode | Legacy Mode | Description
0F 05 | SYSCALL | A | Valid | Invalid | Fast call to privilege level 0 system procedures.

Instruction Operand Encoding

Op/En | Operand 0 | Operand 1 | Operand 2 | Operand 3
A | NA | NA | NA | NA

Description

SYSCALL saves the RIP of the instruction following SYSCALL to RCX and loads a new RIP from the IA32_LSTAR MSR (in 64-bit mode). Upon return, SYSRET copies the value saved in RCX back to RIP.

SYSCALL saves RFLAGS (lower 32 bits only) in R11. It then masks RFLAGS with an OS-defined value using the IA32_FMASK MSR (C000_0084). The actual mask value used by the OS is the complement of the value written to the IA32_FMASK MSR, so each bit set in IA32_FMASK is cleared in RFLAGS. None of the bits in RFLAGS are automatically cleared (except for RF). SYSRET restores RFLAGS from R11 (the lower 32 bits only).

Software should not alter the CS or SS descriptors in a manner that violates the following assumptions made by SYSCALL/SYSRET:

Pseudo Code

IF (CS.L != 1) or (IA32_EFER.LMA != 1) or (IA32_EFER.SCE != 1)
	(* Not in 64-Bit Mode or SYSCALL/SYSRET not enabled in IA32_EFER *)
	#UD;
FI;
RCX = RIP;
RIP = LSTAR_MSR;
R11 = EFLAGS;
EFLAGS = (EFLAGS MASKED BY IA32_FMASK);
CPL = 0;
CS(SEL) = IA32_STAR_MSR[47:32];
CS(DPL) = 0;
CS(BASE) = 0;
CS(LIMIT) = 0xFFFFF;
CS(GRANULAR) = 1;
SS(SEL) = IA32_STAR_MSR[47:32] + 8;
SS(DPL) = 0;
SS(BASE) = 0;
SS(LIMIT) = 0xFFFFF;
SS(GRANULAR) = 1;
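
The transition above as a small software model, added here as an example and not taken from the manual. It shows which user-mode flags survive into the privilege level 0 entry point for a given IA32_FMASK value. The struct, the function names and all sample register and MSR values are constructed for illustration; nothing here touches real MSRs.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define EFER_SCE  (1ull << 0)   /* IA32_EFER.SCE: SYSCALL/SYSRET enable */
#define EFER_LMA  (1ull << 10)  /* IA32_EFER.LMA: long mode active */
#define RFLAGS_RF (1ull << 16)  /* resume flag, cleared regardless of FMASK */

/* Hypothetical model of the state the pseudocode touches. */
struct cpu {
    uint64_t rip, rcx, r11, rflags;
    uint64_t efer, star, lstar, fmask;
    uint16_t cs_sel, ss_sel, cpl;
    bool cs_l;                  /* CS.L = 1: 64-bit code segment */
};

/* Returns false where the pseudocode raises #UD (state left untouched). */
bool syscall_step(struct cpu *c, uint64_t next_rip)
{
    if (!c->cs_l || !(c->efer & EFER_LMA) || !(c->efer & EFER_SCE))
        return false;
    c->rcx = next_rip;                     /* return address used by SYSRET */
    c->rip = c->lstar;                     /* OS entry point */
    c->r11 = c->rflags & 0xFFFFFFFFull;    /* lower 32 bits only */
    c->rflags &= ~((c->fmask & 0xFFFFFFFFull) | RFLAGS_RF); /* complement of FMASK */
    c->cpl = 0;
    c->cs_sel = (uint16_t)(c->star >> 32); /* IA32_STAR[47:32] */
    c->ss_sel = (uint16_t)(c->cs_sel + 8);
    return true;
}

/* Constructed sample: user code with TF|IF|DF|RF set; FMASK = TF|IF|DF. */
struct cpu sample_user_state(void)
{
    struct cpu c = { .rip = 0x401000, .rflags = 0x10702, .cpl = 3, .cs_l = true,
                     .efer = EFER_SCE | EFER_LMA, .star = 0x10ull << 32,
                     .lstar = 0xffffffff81000000ull, .fmask = 0x700,
                     .cs_sel = 0x33, .ss_sel = 0x2b };
    return c;
}

int main(void)
{
    struct cpu c = sample_user_state();
    bool ok = syscall_step(&c, c.rip + 2); /* 0F 05 is two bytes long */
    printf("ok=%d rflags=%#llx cs=%#x ss=%#x\n", ok,
           (unsigned long long)c.rflags, c.cs_sel, c.ss_sel);
    return ok ? 0 : 1;
}
```

With the sample FMASK, the handler starts with TF, IF and DF clear even though user mode had them set, while R11 still holds the caller's original flags for SYSRET to restore.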

Flags Affected

All.

Exceptions

64-Bit Mode Exceptions

Exception | Description
#UD | If IA32_EFER.SCE = 0. If the LOCK prefix is used.

Compatibility Mode Exceptions

Exception | Description
#UD | If Mode != 64-bit.

Virtual-8086 Mode Exceptions

Exception | Description
#UD | If Mode != 64-bit.

Real-Address Mode Exceptions

Exception | Description
#UD | If Mode != 64-bit.

Protected Mode Exceptions

Exception | Description
#UD | If Mode != 64-bit.