Not at all sure why IARSUBSP requires supervisor state. On Mon, 17 Nov 2014 13:17:43 -0500 "Farley, Peter x23353" <[email protected]> wrote:
:>I wasn't talking about simple XM access to the contents of another AS, but the ability to invoke program code running in an AS created for that purpose. Being able to use PC-ss instructions to invoke the code in an AS created to run that code, returning from that other AS code to the "caller" via RP or PT(I) instructions, etc. :> :>Or for another example, setting up a subspace group and running code in isolated subspaces like CICS now does. The BSG instruction description specifically mentions its use by the CICS control program to invoke code in a subspace, but there are no examples of how to set up that environment in a non-CICS environment. All of the "subspace" mechanism requires an authorized "server" to start things off and to terminate the environment cleanly. :> :>Peter :> :>> -----Original Message----- :>> From: IBM Mainframe Assembler List [mailto:ASSEMBLER- :>> [email protected]] On Behalf Of Binyamin Dissen :>> Sent: Monday, November 17, 2014 11:50 AM :>> To: [email protected] :>> Subject: Re: Multiple address spaces (was: Redesigning ... ) :>> :>> On Mon, 17 Nov 2014 08:40:18 -0700 Paul Gilmartin :>> <[email protected]> wrote: :>> :>> :>On 2014-11-17, at 08:05, Tom Marchant wrote: :>> :>> :>> On Fri, 14 Nov 2014 18:31:23 -0500, Farley, Peter x23353 wrote: :>> :>> :>>> I have often thought it was a mistaken design by IBM that prohibits :>> :>>> non-authorized programmers from exploiting multiple address spaces :>> :>>> and instruction-level space-switching facilities. :>> :>> :>> How would you propose that such non-authorized programs access only :>> :>> the other address spaces that they were permitted to access? In other :>> :>> words, how would you protect the integrity of all address spaces if :>> :>> unauthorized code were able to access other address spaces? :>> :>> :>fork() allows programmers to exploit multiple address spaces. It :>> :>requires no elevated privileges. I presume it protects integrity. :>> :>> the enablement part of fork has elevated privileges to maintain integrity. :>> There is no reason that a simple MVS service to allow connection to another :>> address space could not be provided - if there was a need. :>> :>> All you need to do is mark the target address space non-swapable, add the :>> STOKEN and set the SSAR bits. Then the ALET could be used for access. :>> -- Binyamin Dissen <[email protected]> http://www.dissensoftware.com Director, Dissen Software, Bar & Grill - Israel Should you use the mailblocks package and expect a response from me, you should preauthorize the dissensoftware.com domain. I very rarely bother responding to challenge/response systems, especially those from irresponsible companies.
