I once played with these. I hope I have not forgotten too much.
In Intel architecture, under protected mode, segment registers contain an
index to a segment descriptor in the GDT or the LDT. The descriptors are
8 bytes long, so the indexes should be multiples of 8. The last three bits
are used to indicate whether the LDT or the GDT should be used, and some
trickery about privilege levels. There are four such levels (ring 0 to
ring 3) and call gates are meant to allow calls from some unpriviledged
code (ring 3 for instance) to a priviledged code (ring 0). Here, the 0007
indicates the first (0) entry in the LDT, and something like "calling from
ring 3 but I want to become ring 0". The offset part is irrelevant, as the
real target address is hardcoded in the call gate descriptor.
Just after the call, the execution continues from the point targeted by
the call gate descriptor, with the priviledge level stored in this
descriptor. This is indeed a way of implementing system calls.
The way chosen for linux is a bit more hacky, but it has some advantages.
Linux uses a user-triggered interrupt; the system call is an "int $80".
I think it might be a bit slower, but it saves the flags automatically,
allow all types of travels between rings, and this opcode is much smaller
than the "call 0007:00000000" one (2 bytes vs 7).
It also has the great characteristic of switching to a kernel stack, as it
would be really BAD is the kernel had to rely on the user-level stack.
When I saw your message, I first thought it came from some Microsoft fan... :)
--Thomas Pornin