>Date: Fri, 28 Jul 2017 00:14:46 +0000 >From: "Ngan, Robert" <[email protected]> >Subject: LOC=64 executable code?
>Just noticed that the z/OS 2.3 manuals mention EXECUTABLE=YES|NO parameter for >IARV64 GETSTOR requests. >Anyone have a summary of what kinds of code we can move above the bar in z/OS >2.3? >Robert Ngan >CeleritiFinTech Services z14 and z/OS 2.3 support a new facility called Instruction Execution Protection (IEP) based on DAT table entry bit •RSM provides new function to request that non-executable memory be allocated •Exploitation support new EXECUTABLE=NO option on IARV64 and STORAGE •Any attempt to execute an instruction within such an area will result in a program check •Could be an indication of an attempt to violate system integrity •RTM will write LOGREC record of any program-check that results from IEP •Support will also be available for z/OS 2.2 and later running on z14 G. Tom Russell “Stay calm. Be brave. Wait for the signs” — Jasper FriendlyBear “… and remember to leave good news alone.” — Gracie HeavyHand
