The ability to prevent instruction execution was introduced by the instruction-execution-protection (IEP) facility on the z14 (September 2017). Per the facility blurb in Chapter 1 of the PoO:
"The instruction-execution-protection facility may be available on a model implementing z/Architecture. When the facility is installed and enabled, and an instruction is fetched from the primary or home address space, an instruction-execution-protection control in the leaf DAT-table entry used in the translation determines whether instructions may or may not be executed from the frame mapped by the entry. The facility may be used by a control program to better segregate instructions from data. Improved system reliability and integrity may be realized by preventing the execution of instructions from storage locations intended to contain only data. For example, erroneously or maliciously modified data in a program stack can be prevented from being executed. (September, 2017)" So, the facility only applies to virtual addresses on newer models. As I recall, the development of this facility was requested by z/Linux in order to help avoid classic stack-overflow exposures; but, it obviously has applicability to other environments. (It was also introduced in order to "keep up with the Joneses — er ... I mean the Intels.)