I did not understand their concern, but I don't know squat about Linux. On z/OS, we would have no such concern. An unauthorized program on z/OS can already perform same function as STBEAR simply by having an ESTAE in place, and intentionally causing a program check, and then looking at SDWABEA.
Jim Mulder -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Binyamin Dissen Sent: Wednesday, July 31, 2024 7:43 AM To: [email protected] Subject: Re: Breaking Event Address, BEAR Sounds like security by obfuscation. The exposure would be that source location can be viewed/altered by the target, If it cannot be altered I wonder how knowing the address would be an exposure. On Wed, 31 Jul 2024 20:34:28 +1000 Attila Fogarasi <[email protected]> wrote: :>In Linux STBEAR could be used as part of an attack vector to locate the :>target. No such exposure in z/OS (or z/VSE and z/VM for that matter) due :>to different memory structure. An unintended consequence of supporting a :>disparate architecture. :> :>On Tue, Jul 30, 2024 at 9:17?PM Binyamin Dissen < :>[email protected]> wrote: :> :>> Curious as to how that would bother Linux. :>> :>> I do understand EPSW as it exposes the real state, but STBEAR? :>> :>> On Tue, 30 Jul 2024 03:36:48 +0000 Jim Mulder <[email protected]> wrote: :>> :>> :> I found my emails from 2019-2020 when STBEAR was being designed, and I :>> see that :>> :>I had suggest that (speaking for z/OS) STBEAR should be allowed in :>> problem state for exactly the reason :>> :>for which you want to use it, but Linux :>> :>did not want it to be allowed in problem state. I see that Linux had :>> suggested making it controllable :>> :>by a CR bit (i.e., semi-privileged), but it looks like we didn't pursue :>> that. Sorry about that. :>> :>I supposed I should have paid more attention to that part of the :>> discussion, but it probably was not the hottest :>> :>issue that I was involved with at the time. :>> :> :>> :>Jim Mulder :>> :> :>> :>-----Original Message----- :>> :>From: IBM Mainframe Discussion List <[email protected]> On :>> Behalf Of Steve Austin :>> :>Sent: Monday, July 29, 2024 10:05 AM :>> :>To: [email protected] :>> :>Subject: Re: Breaking Event Address, BEAR :>> :> :>> :>Yes I could use JAS/BAS and have done so in the past, but it occurred to :>> me there might be a better way. STBEAR being privileged is disappointing. I :>> can understand LBEAR being privileged , but I'm not sure why STBEAR should :>> be. :>> :> :>> :>-----Original Message----- :>> :>From: IBM Mainframe Discussion List [mailto:[email protected]] :>> On Behalf Of Seymour J Metz :>> :>Sent: Monday, July 29, 2024 2:55 PM :>> :>To: [email protected] :>> :>Subject: Re: Breaking Event Address, BEAR :>> :> :>> :>Unless you're in supervisor state, I don't know of a way to do it. Dou :>> you have a spare register so you could JAS to the message routine? :>> :> :>> :>-- :>> :>Shmuel (Seymour J.) Metz :>> :>http://mason.gmu.edu/~smetz3 :>> :>??? ?????????? ??? :>> :>?????? ??????????? ???? ?????????? :>> :> :>> :> :>> :> :>> :>________________________________________ :>> :>From: IBM Mainframe Discussion List <[email protected]> on :>> behalf of :>> :>Steve Austin <[email protected]> :>> :>Sent: Monday, July 29, 2024 8:06 AM :>> :>To: [email protected] :>> :>Subject: Re: Breaking Event Address, BEAR :>> :> :>> :>The code I'm dealing with has an error routine that build a message, but :>> :>sometimes the message is insufficient and it would be useful to know what :>> :>branched to that routine without forcing a dump. :>> :> :>> :>-----The code Original Message----- :>> :>From: IBM Mainframe Discussion List [mailto:[email protected]] On :>> :>Behalf Of Seymour J Metz :>> :>Sent: Monday, July 29, 2024 12:58 PM :>> :>To: [email protected] :>> :>Subject: Re: Breaking Event Address, BEAR :>> :> :>> :>BEAR is not the address of the last branch, it's the address of the last :>> :>breaking event. If you brnch to an OPEN and get am S213, I don't believe :>> :>that there is any way to recover the branch. :>> :> :>> :>What is the specific scenario you're concerned with. :>> :> :>> :>IBM: is the BEAR at the time of a program check available to recovery :>> exits? :>> :> :>> :>-- :>> :>Shmuel (Seymour J.) Metz :>> :>http://mason.gmu.edu/~smetz3 :>> :>??? ?????????? ??? :>> :>?????? ??????????? ???? ?????????? :>> :> :>> :> :>> :> :>> :>________________________________________ :>> :>From: IBM Mainframe Discussion List <[email protected]> on :>> behalf of :>> :>Steve Austin <[email protected]> :>> :>Sent: Monday, July 29, 2024 6:29 AM :>> :>To: [email protected] :>> :>Subject: Breaking Event Address, BEAR :>> :> :>> :>I lied I don't want the Breaking Event address I'd like the source of :>> the :>> :>Breaking Event address. And I'm assuming the source of the BEA is the :>> same :>> :>as the source of the branch entries in the trace table. I'd like my :>> running :>> :>program to retrieve the address of the last branch without breaking :>> :>anything. Is this possible? Thanks :>> :> :>> :>-- :>> :>This e-mail message has been scanned and cleared by Google Message :>> Security :>> :>and the UNICOM Global security systems. This message is for the named :>> :>person's use only. If you receive this message in error, please delete it :>> :>and notify the sender. :>> :> :>> :>---------------------------------------------------------------------- :>> :>For IBM-MAIN subscribe / signoff / archive access instructions, :>> :>send email to [email protected] with the message: INFO IBM-MAIN :>> :> :>> :> :>> :>---------------------------------------------------------------------- :>> :>For IBM-MAIN subscribe / signoff / archive access instructions, :>> :>send email to [email protected] with the message: INFO IBM-MAIN :>> :> :>> :>-- :>> :>This e-mail message has been scanned and cleared by Google Message :>> Security :>> :>and the UNICOM Global security systems. This message is for the named :>> :>person's use only. If you receive this message in error, please delete it :>> :>and notify the sender. :>> :> :>> :>---------------------------------------------------------------------- :>> :>For IBM-MAIN subscribe / signoff / archive access instructions, :>> :>send email to [email protected] with the message: INFO IBM-MAIN :>> :> :>> :> :>> :>---------------------------------------------------------------------- :>> :>For IBM-MAIN subscribe / signoff / archive access instructions, :>> :>send email to [email protected] with the message: INFO IBM-MAIN :>> :>> -- :>> Binyamin Dissen <[email protected]> :>> http://www.dissensoftware.com :>> :>> Director, Dissen Software, Bar & Grill - Israel :>> :>> ---------------------------------------------------------------------- :>> For IBM-MAIN subscribe / signoff / archive access instructions, :>> send email to [email protected] with the message: INFO IBM-MAIN :>> :> :>---------------------------------------------------------------------- :>For IBM-MAIN subscribe / signoff / archive access instructions, :>send email to [email protected] with the message: INFO IBM-MAIN -- Binyamin Dissen <[email protected]> http://www.dissensoftware.com Director, Dissen Software, Bar & Grill - Israel ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
