On Fri, Jun 07, 2019 at 08:57:38AM -0500, John McKown wrote: > I am not finding this. I want to change the PKM for my running, APF > authorized, program to include key 0. Why? So that I can switch in and out > of key 0 using an SPKA instruction rather than MODESET. But mainly so that > I can use the MVCSK and MVCDK instructions to read & update key 0, fetch > protected, storage without going into key 0. > > Or am I just being silly (again)?
Yes. You are already APF authorized, supervisor mode isn't that different a level of authorization. Some system routines will bypass parameter validity checking for JSCBAUTH callers. Of course, more will for supervisor or system key callers (0-7). x> Key0 is much much more dangerous than supervisor state (IMHO) Yes, much. I would recommend the use of supervisor mode, SPKA and running with a non-zero system key. I don't know IBM's position on this, however it worked really well whem I was developing IPC which allows problem mode communication between address spaces (and is a part of UCLA/Mail with source available at the cbttape site). I made the choice to run this way as at the time I was developing IPC I didn't have a VM system to test on. This was a long time ago on MVS/SP 1.1.3. I had MVS test time but most of that test time was with the understanding that while something might happen it was very low probability and others were using the system. Thus it was important to be mostly nondisruptive to other on the system. As a result, IPC code runs supervisor and an execution time parameter selected non-zero system key. This include the IPC type 1 SVC, IPC SRB routines, and IPC subsystem exit routines (EOT & EOM). Running with a non-zero protect key means it takes thought to reference a user parameter. Most areas are not just store protect but fetch protected as well. So just fetching from user storage (or a wild branch into his code) will result in a fetch exception. I did crash the system during IPC development when modifying IPC initialization code where I hadn't been as careful to avoid key zero code. Initialization only runs once, right? I had one bad base register and low storage was hit. This was above the low address protection and as I remember it, turned off some bits which told the MVS program check handler to simulate some cross memory instructions (3033 CPU). The system didn't live long after that. I quickly change the code to both fix the base register as well as switch keys so that there was much less key zero code during IPC initialization. That's the only system crash I remember from IPC development. IPC did take SDUMPs during development but these had minimal impact on the rest of the system. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
