Your WORKAREA needs to be 512



-----Original Message-----
From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Steely.Mark
Sent: Tuesday, July 15, 2025 11:53 AM
To: [email protected]
Subject: TSS Resource Class

I've identified several UR1 and UR2 resource classes defined within Broadcom Top Secret (TSS), and they appear to be configured for use. I'd like to confirm whether these resources are actually being accessed.

I reached out to Broadcom, and they provided guidance on enabling audit tracking and generating reports using TSSUTIL. According to those reports, there is no indication that the UR1/UR2 classes are currently being used - but I'd like independent verification.

To test this, I've obtained a sample program that is intended to access a UR1 or UR2 resource. The expectation is that executing this program would trigger a security access attempt (either permitted or denied), which should then appear in the TSSUTIL report.

However, the program is abending with an S0C4, and my assembler experience is limited - I can't determine the root cause. I suspect the issue may lie in the RACROUTE setup or how the parameters are being passed.

Would someone be able to review the program and verify whether the RACROUTE is defined correctly or if any required setup is missing?

Any assistance would be greatly appreciated.

Sample Program:

//ASM     EXEC PGM=ASMA90,PARM=OBJ
//SYSLIB   DD  DSN=SYS1.MACLIB,DISP=SHR
//         DD  DSN=SYS1.MODGEN,DISP=SHR
//         DD  DSN=SYSI.TSS16.CAKOMAC0,DISP=SHR
//         DD  DSN=SYS2.XXXXXX.MACLIB,DISP=SHR
//SYSUT1   DD  DSN=&&SYSUT1,UNIT=SYSDA,SPACE=(1700,(600,100))
//SYSUT2   DD  DSN=&&SYSUT2,UNIT=SYSDA,SPACE=(1700,(300,50))
//SYSUT3   DD  DSN=&&SYSUT3,UNIT=SYSDA,SPACE=(1700,(300,50))
//SYSPRINT DD  SYSOUT=*
//SYSPUNCH DD  DUMMY
//SYSLIN   DD  DSN=&&OBJSET,UNIT=SYSDA,SPACE=(80,(200,50)),
//             DISP=(MOD,PASS)
//SYSIN    DD  *
URTEST   CSECT
URTEST   AMODE 31
URTEST   RMODE ANY
R0       EQU   0
R1       EQU   1
R2       EQU   2
R3       EQU   3
R4       EQU   4
R5       EQU   5
R6       EQU   6
R7       EQU   7
R8       EQU   8
R9       EQU   9
R10      EQU   10
R11      EQU   11
R12      EQU   12
R13      EQU   13
R14      EQU   14
R15      EQU   15
         STM   14,12,12(13)     SAVE CALLER'S REGISTERS
         LR    R12,R15
         USING URTEST,R12
         LA    R3,SAVEAREA        POINT TO OUR SAVEAREA
         ST    R13,4(R3)          BACK-CHAIN
         ST    R3,8(R13)          FORWARD-CHAIN
         LR    R13,R3             SET R13 = OUR SAVEAREA

*-- SET POINTER TO ENTITY (FIXED)
         LA    R1,ENTITY
         RACROUTE REQUEST=AUTH,ENTITY=(R1),CLASS='UR2',ATTR=READ,      X
               WORKA=WORKAREA
*              STATUS=ACCESS,WORKA=WORKAREA

*-- SAVE RETURN AND REASON CODES
         ST    R15,RC
         ST    R0,RSN

*-- RESTORE AND RETURN
         L     R13,4(R13)
         LM    14,12,12(13)
         L     R15,RC
         BR    R14

*-------------------------------------------------------------------
SAVEAREA DS    18F              STANDARD 72-BYTE SAVEAREA
RC       DC    F'0'
RSN      DC    F'0'
WORKAREA DS    CL100            RACROUTE WORKAREA

ENTITY   DC    C'APP.DATA'      RESOURCE NAME
         DC    X'00'            NULL TERMINATOR (OPTIONAL)

ENTPTR   DC    A(ENTITY)        POINTER TO ENTITY NAME

         LTORG
         END
//*
//LINK     EXEC PGM=IEWL,PARM=('AMODE=31','RMODE=ANY')
//SYSLIN   DD  DSN=&&OBJSET,DISP=(OLD,DELETE)
//         DD  DDNAME=SYSIN
//SYSLMOD  DD  DISP=SHR,DSN=XXXXXX.LINKLIB
//*
//SYSUT1   DD  DSN=&&SYSUT1,UNIT=SYSDA,SPACE=(1024,(50,20))
//SYSPRINT DD  SYSOUT=*
//*
//SYSIN    DD  *
  NAME TSSUSR12(R)
//*
//JS020    EXEC PGM=TSSUSR12
//*ABNLIGNR DD DUMMY
//STEPLIB  DD  DISP=SHR,DSN=XXXXXX.LINKLIB
//SYSUDUMP DD  SYSOUT=*
//SYSPRINT DD  SYSOUT=*
//

Thank You


----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
