And you can hear Chris and the IDMS team speak about this:
CA IDMS gets even zIIP-ier.
Want more CPU without buying more MIPS? Join the CA IDMS team and customers
Chris Hoelscher and Iain Robertson for a live webcast and quick tour of the new
CA IDMS zIIP expansion in 18.0 and 18.5.
-MAIN@LISTSERV.UA.EDU] On Behalf
Of Ed Jaffe
Sent: Wednesday, October 30, 2013 7:41 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: [IBM-MAIN] zIIP simulation
On 10/30/2013 5:37 AM, Shane Ginnane wrote:
Anyone ever figured out why IBM (still) doesn't allow all of the
eligible workload
of zXXP was Re: zIIP simulation
If, on the other hand, you're asking IBM (and other vendors) to spend some of
their precious engineering talents and efforts on new price discrimination
features specifically for monitoring, does that really make sense? Let's
suppose for sake of argument that such new
IBM has done some recent work improving SMF efficiency, for example via SMF
exploitation of the new zEnterprise Data Compression (zEDC) feature. If you
have moderate to heavy SMF activity then I would advise taking a close look
at the zEDC feature. (There are other reasons to consider zEDC, too.)
On 11/04/13 19:00, Ed Jaffe wrote:
On 11/4/2013 9:23 AM, Russ Teubner wrote:
I don't think customers mind using (and paying for) high-value MIPS
for high-value apps. However, everything else (e.g., integration and
plumbing) should be run on specialty engines (within the bounds of
IBM's
Farley, Peter x23353 wrote:
PMFJI here Ed, but PSPI and DMTI aren't acronyms that I recognize.
Translations please?
Peter
Product-Sensitive Programming Interface (The underlying software can change and
this interface can change or disappear.)
Diagnosis, Modification and Tuning
In 2048766999.1432321.1383584199930.javamail.r...@comcast.net, on
11/04/2013
at 04:56 PM, DASDBILL2 dasdbi...@comcast.net said:
SRBs can do I/O. They can't do SVC instructions, however. You
can start an I/O request without an SVC if you use the STARTIO
macro, which requires your code's
In 8610219510148556.wa.paulgboulderaim@listserv.ua.edu, on
11/04/2013
at 06:00 PM, Paul Gilmartin paulgboul...@aim.com said:
Is it GUPI?
No, but STARTIO is also not bare metal.
--
Shmuel (Seymour J.) Metz, SysProg and JOAT
ISO position; see
a flag bit that
means I/O is finished.
Bill Fairchild
Franklin, TN
- Original Message -
From: Shmuel Metz (Seymour J.) shmuel+ibm-m...@patriot.net
To: IBM-MAIN@LISTSERV.UA.EDU
Sent: Tuesday, November 5, 2013 9:39:34 AM
Subject: Re: Security exposure of zXXP was Re: zIIP
3:04:01 PM
Subject: Re: Security exposure of zXXP was Re: zIIP simulation
In 8610219510148556.wa.paulgboulderaim@listserv.ua.edu, on
11/04/2013
at 06:00 PM, Paul Gilmartin paulgboul...@aim.com said:
Is it GUPI?
No, but STARTIO is also not bare metal.
--
Shmuel (Seymour J
FWIW, the UNIX services for file I/O are callable in SRB mode. But if
you are in SRB mode you own the world in any case.
Tony H.
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to
Ed Jaffe wrote:
Agreed. For example, it would be good if monitors such a RMF and
others did not use costly machine cycles.
Leaving aside costly machine cycles (compared to what?), it would be
technically impossible, wouldn't it? It's at least very technically
difficult to monitor something
In
cae1xxdfgcowtd10wjbnrrp9rkikxca3uxqijgud49ffawqj...@mail.gmail.com,
on 11/03/2013
at 02:42 PM, John Gilmore jwgli...@gmail.com said:
I will limit myself to noting that 1) an SRB cannot attach a subtask
It can, however, create and schedule an IRB, which in turn can attach
a subtask.
--
On Sun, 3 Nov 2013 16:15:56 -0800 Jon Perryman jperr...@pacbell.net wrote:
:I think Itschak is saying that SRB's can't do I/O, therefore they can't write
files to embed a virus or read confidential data. I think he's under the
impression that SRB's can't get access to everything they desire.
Sent: Monday, November 04, 2013 7:01 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Security exposure of zXXP was Re: zIIP simulation
On Sun, 3 Nov 2013 16:15:56 -0800 Jon Perryman jperr...@pacbell.net wrote:
:I think Itschak is saying that SRB's can't do I/O, therefore they can't
write files
I'm curious.
Some of the posters have indicated that their products avoid requesting
zIIP services if there are no zIIPs.
If any care to share, is that a decision made at the time they start? Is
that decision revisited? When the decision is made, by what fields is it
made?
- number of
It is worth recalling Mr Perryman's name for this thread, viz.,
Security exposure of zXXP.
His riposte---It is not responsive---to my last post employs a
rhetorical device that was familiar to the Alexandrian Greeks.
In answer to my contention that position 1457 and position 1458 in a
Kama
On 4 Nov 2013 06:30:46 -0800, in bit.listserv.ibm-main you wrote:
It is worth recalling Mr Perryman's name for this thread, viz.,
Security exposure of zXXP.
His riposte---It is not responsive---to my last post employs a
rhetorical device that was familiar to the Alexandrian Greeks.
In answer
zAAP's are indeed used by Java code running on a TCB. However, to my
knowledge, it does not follow that: With zAAP on zIIP, they must be using
SRB's. IBM determines the rules in this regard.
To me (as both an ISV and System z developer), IBM allowing more code to run on
specialty engines is
What rhetoric? It's a fact that if any vendor other than IBM moved JAVA to
zIIP, it would have been done with SRB's and JAVA would run authorized. It's a
fact that IBM moved JAVA to zAAP because of $$ and customer demand. Why would
vendors be any different with that desire for their end user
On 11/4/2013 5:01 AM, Binyamin Dissen wrote:
SRB's certainly can do I/O - they just need to do it at the metal level.
I'm not sure I would call the venerable STARTIO interface the metal
level. It probably seems that way to most developers since it's so
poorly documented...
--
Edward E
On Mon, 4 Nov 2013 15:46:47 -0800, Ed Jaffe wrote:
On 11/4/2013 5:01 AM, Binyamin Dissen wrote:
SRB's certainly can do I/O - they just need to do it at the metal level.
I'm not sure I would call the venerable STARTIO interface the metal
level. It probably seems that way to most developers since
On 11/4/2013 9:23 AM, Russ Teubner wrote:
I don't think customers mind using (and paying for) high-value MIPS for high-value apps.
However, everything else (e.g., integration and plumbing) should be run on
specialty engines (within the bounds of IBM's rules).
Agreed. For example, it would be
On 11/4/2013 4:00 PM, Paul Gilmartin wrote:
On Mon, 4 Nov 2013 15:46:47 -0800, Ed Jaffe wrote:
I'm not sure I would call the venerable STARTIO interface the metal
level. It probably seems that way to most developers since it's so
poorly documented...
Is it GUPI? I understand that IBM had
: Security exposure of zXXP was Re: zIIP simulation
On 11/4/2013 4:00 PM, Paul Gilmartin wrote:
On Mon, 4 Nov 2013 15:46:47 -0800, Ed Jaffe wrote:
I'm not sure I would call the venerable STARTIO interface the metal
level. It probably seems that way to most developers since it's so
poorly
On 11/2/2013 7:34 PM, Peter Relson wrote:
SRBs are the same level of security exposure that APF-authorized tasks
are. So if an application is already APF-authorized, switching to
enclave SRBs is not intrinsically more of a security exposure than
already existed. It is true that SRBs are more
I suspect we need an SRB that is non-authorized and can never get into an
authorized state. I hate giving auditors information with which they can abuse
us but this probably needs to be discussed. By making zIIP so cheap, IBM and
customers are strongly encouraging us to offload as much work as
I could almost wish that Mr. Perryman's conjectures were correct.
They would greatly widen the market for strong assembly-language
programming skills, which is much shrunken from what it once was; and
that would be good for the platform.
Alas, however, . . .
John Gilmore, Ashland, MA 01721 - USA
SRB mode is only needed if you use IBM's supplied API to zIIP. WLM is the
part of z/os that schedules the TCB/SRB to the a proccessor and there is a
know-how to do this, and indead requires deep knowledge of mvs interfaces
and assembler coding.
THe SRBs scheduled on the zIIP (using IBM's supplied
Do vendor's have access to the WLM implementation that allows TCB's to run on a
zIIP? Since JAVA was implemented starting with z/OS 1.11, I suspect they may
use SRB's otherwise they could have easily retrofitted it to earlier versions.
As for the risk, an SRB can use cross memory facilities.
I will not comment on Mr. Perryman's suspicions, which are not arguments.
I will limit myself to noting that 1) an SRB cannot attach a subtask
and 2) a [different] SRB that it scheduled into another address space
would also disabled for I/O.
Peter Relson's point is the important one here.
The
On 11/3/13, John Gilmore jwgli...@gmail.com wrote:
I will not comment on Mr. Perryman's suspicions, which are not arguments.
I will limit myself to noting that 1) an SRB cannot attach a subtask
and 2) a [different] SRB that it scheduled into another address space
would also disabled for I/O.
On 11/3/2013 10:25 AM, Itschak Mugzach wrote:
THe SRBs scheduled on the zIIP (using IBM's supplied interfaces) are
running in the same address space, so it minimize the risk.
Not always.
SRB mode is
also disabled for IO, so you can't infect other libraries / files like a
virus.
Not sure
...@gmail.com
To: IBM-MAIN@LISTSERV.UA.EDU
Sent: Sunday, November 3, 2013 11:42 AM
Subject: Re: Security exposure of zXXP was Re: zIIP simulation
I will not comment on Mr. Perryman's suspicions, which are not arguments.
I will limit myself to noting that 1) an SRB cannot attach a subtask
and 2
On Sun, 3 Nov 2013 14:42:18 -0500, John Gilmore wrote:
The use of these facilities by the unwashed certainly has great
potential for bringing down z/OS.
Your implied faith in your coterie transcends mine I'm afraid - the pool of
talent seems to be diminishing.
Shane ...
I agree that the pool of talent is being diminished by deaths, low
recruitment because of poor perceived economic prospects, out
migration for the same reason, and---among the young---a perception
that the excitement is elsewhere.
This issue is, however, separable from that of competence to work
I think Itschak is saying that SRB's can't do I/O, therefore they can't write
files to embed a virus or read confidential data. I think he's under the
impression that SRB's can't get access to everything they desire.
Jon Perryman.
From: Ed Jaffe
That's true. You can't infect files/load modulesqetc.
ITschak
On Mon, Nov 4, 2013 at 2:15 AM, Jon Perryman jperr...@pacbell.net wrote:
I think Itschak is saying that SRB's can't do I/O, therefore they can't
write files to embed a virus or read confidential data. I think he's under
the
SRB's are a big security exposure so customers are unlikely to open them
to their programmers.
SRBs are the same level of security exposure that APF-authorized tasks
are. So if an application is already APF-authorized, switching to enclave
SRBs is not intrinsically more of a security exposure
Since it doesn't appear to have been mentioned, IBMs zCP3000 tool is useful
for analyzing if a benefit would derive from using a ZIIP engine.
I ran one for a customer and for a DB2 z/OS workload,the benefit was
apparent on a cost benefit basis.
I believe that CA-Datacom will utilise a zIIP if
I would expect PROJECTCPU to be pretty accurate as I would expect it to
work off when the task is marked zIIP-eligible.
For non-z/OS core code, there is no such thing as a task marked
zIIP-eligible (ignoring the zAAP on zIIP functionality).
So for products that dual-path if zIIP available then
On Fri, 2013-11-01 at 17:00 +1100, Wayne Bickerdike wrote:
I believe that CA-Datacom will utilise a zIIP if present.
As will IDMS. (We're seeing approximately 50% offload of so-called
system mode time in CV.)
--
David Andrews
A. Duda Sons, Inc.
david.andr...@duda.com
I will go on record as being another zIIP-enabled vendor (like those who have
already opined) for which PROJECTCPU is worthless. When CICS starts and our
product initializes, we look to see if a zIIPs are available. If not, we don't
worry about marking the enclave SRB as zIIP elidgeble. If
After reading this thread, I understand the need for zIIP processors for heavy
CPU processes, but what about resigning and rewriting these applications ? For
us, who learned assembler or BAL ...we had less to use , cycle wise and
storage, but still managed to develop good code.
Scott ford
I know of at least one of our vendors whose product does not generate the srb's
that would get dispatched on the zIIP, if it's not there. However, they will,
if you ask, take some of the smf data for the sorts and run their analysis of
those records, and come back with projections based on
Your code may be the best design possible but it still uses CPU. Redesigning
and rewriting code to be more efficient is not the point of zIIP processors.
They are simply an IBM sales tool to make the price if z hardware more price
competitive. Running code in zIIP is less efficient (code must
Peter is correct.
SRB's are standard. Enclaves are standard. So workload that will run on zIIP
will also run on a GCP without any change. There is not a requirement to
execute the code in a TCB. It's up to the vendor.
For customers without zIIP, the SRB/enclave overhead will make the product
On 11/1/2013 at 11:44 AM, Jon Perryman jperr...@pacbell.net wrote:
4. For IFL (Linux processors), IBM disabled some instructions that are
critical to z/OS, zVSE and zVM but never used by zLinux.
To be precise, IBM disabled a single instruction that they ensured z/OS, z/VSE
and z/TPF use.
Since zVM supports zLinux, it makes sense that it allows IFL. Is there a userid
option that allows the usage of IFL processors? Or do they use some other
method?
Does CMS also use that instruction to ensure it runs on a CP?
Jon Perryman.
From: Mark Post
@listserv.ua.edu,
Date: 11/01/2013 02:37 PM
Subject: Re: [IBM-MAIN] zIIP simulation
Sent by: IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu
Since zVM supports zLinux, it makes sense that it allows IFL. Is
there a userid option that allows the usage of IFL processors? Or do
they use some other
On 1 Nov 2013 08:44:42 -0700, in bit.listserv.ibm-main you wrote:
Your code may be the best design possible but it still uses CPU. Redesigning
and rewriting code to be more efficient is not the point of zIIP processors.
They are simply an IBM sales tool to make the price if z hardware more
I think zAAP are somehow for Java but I'm not sure. I don't know how they
restrict their usage. I doubt it is thru an SRB.
zIIP is supposed to run vendor software. Most are APF authorized anyways so the
exposure is not any greater. My point was if a customer discovered how to do
this, they
On 11/1/2013 at 03:37 PM, Jon Perryman jperr...@pacbell.net wrote:
Since zVM supports zLinux, it makes sense that it allows IFL. Is there a
userid option that allows the usage of IFL processors? Or do they use some
other method?
That option only applies to so-called VM Mode LPARs, where
I suspect that every product that exploits zIIPs already does this.
Vendors cannot count on zIIPs being installed at customer locations.
If no zIIPs are available, the work must run in TCB mode. Vendor
products can't just terminate if zIIPs aren't available.
/end extract
I suspect the
I suspect the opposite, since it is not true that if no zIIPs are available,
the work must run in TCB mode. Bob must have been thinking of something else.
That is correct. I zoned out.
Bob
--
For IBM-MAIN subscribe / signoff
On Thu, Oct 31, 2013 at 8:02 AM, Shane Ginnane ibm-m...@tpg.com.au wrote:
deleted
Not denigrating anybodies efforts, merely seeking some clarity in a field
left deliberately murky by the major vendor.
They will give you the details. After you sign a non-disclosure
agreement and write a check.
On 10/31/2013 5:53 AM, Martin Packer wrote:
Ed, do you do some kind of simple cost to start up vs saving swag when
deciding whether to do this?
Yes. We are measuring to determine the break even points that work best
for us and hope they extrapolate to our customers. During ESP, we might
ask
My analysis uses SMF data and is based only on public documentation of the SMF
data. I have to explain my analysis to customers and clients so anything I
might know under NDA is not useful in those circumstances.
If some vendor(s), as Ed wrote are using CPU and it is not marked as zXXP
I want to echo something Martin Packer wrote that's really very important,
and it also applies to the IBM DB2 Analytics Accelerator and many other
technologies.
Yes, you can very accurately project how much of your current z/OS-hosted
workload will benefit from a zIIP. A far more interesting
On Tue, 29 Oct 2013 14:00:59 +, Martin Packer wrote:
The standard caution is if you're not already running the workload it
won't show up through PROJECTCPU. A good example of this might be IPSec.
That's one aspect - another that has been itching me as I also keep an eye on
these potential
Erk - I wrote:
...so we see a [TS]CB - thus no projected saving.
Sorry - TCB/SRB.
Shouldn't type whilst watching the World Series game from last night.
Shane ...
--
For IBM-MAIN subscribe / signoff / archive access
That's one aspect - another that has been itching me as I also keep an eye on
these potential savings is:
is there any software out there that is smart enough to recognise the
presence (absence) of zIIP and alter the entity created for dispatch to match
the environment. So, no zIIP, so we see a
Shane Ginnane wrote:
Sorry - TCB/SRB.
Shouldn't type whilst watching the World Series game from last night.
With or without beer? ;-)
World Series can really gets your attention, so much you can't multitask! ;-)
One way to watch those attention-grabbers during office hours is: some of my
Bob Shannon wrote:
begin extract
I suspect that every product that exploits zIIPs already does this.
Vendors cannot count on zIIPs being installed at customer locations.
If no zIIPs are available, the work must run in TCB mode. Vendor
products can't just terminate if zIIPs aren't available.
/end
@listserv.ua.edu
Date: 30/10/2013 11:40
Subject:Re: zIIP simulation
Sent by:IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu
That's one aspect - another that has been itching me as I also keep an
eye on these potential savings is:
is there any software out there that is smart
On 10/30/2013 5:37 AM, Shane Ginnane wrote:
Anyone ever figured out why IBM (still) doesn't allow all of the
eligible workload to be dispatched on the zIIP ?
$$
--
Edward E Jaffe
Phoenix Software International, Inc
831 Parkview Drive North
El Segundo, CA 90245
On 10/30/2013 6:55 PM, Al Sherkow wrote:
Yes, I too have heard of one vendor that checks to see if a zIIP is available
and if not does not setup for the zIIP. So for this vendor and their software
that would use a zIIP they are not included in the eligible time and hence not
in any analysis
Hi everyone,
Does anyone know of a tool that will help us decide if we benefit from adding a
zIIP engine to our system?
Thanks
Gadi
לשימת לבך, בהתאם לנהלי החברה וזכויות החתימה בה, כל הצעה, התחייבות או מצג מטעם
החברה, מחייבים מסמך נפרד וחתום על ידי מורשי החתימה
Ref:
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/iea2w1b0/20.2
quote
The SYS1.PARMLIB member IEAOPTxx provides statement PROJECTCPU. Specifying the
PROJECTCPU parameter allows you to project *zIIP* (and zAAP) consumptionwhen a
*zIIP* (or zAAP) processor is not yet defined to the
.
Bob
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of John McKown
Sent: Tuesday, October 29, 2013 9:37 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: zIIP simulation
Ref:
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS
29, 2013 6:33 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: zIIP simulation
Hi everyone,
Does anyone know of a tool that will help us decide if we benefit from
adding a zIIP
engine to our system?
Thanks
Gadi
--
For IBM
W dniu 2013-10-29 14:32, גדי בן אבי pisze:
Hi everyone,
Does anyone know of a tool that will help us decide if we benefit from adding a
zIIP engine to our system?
One of the methods not mentione here is to get zIIP for evaluation.
Yes, it is possible to activate zIIP for a period of time - a
72 matches
Mail list logo
