Browse Prior Art Database

Enhanced Authorization Checking on Program Call

IP.com Disclosure Number: IPCOM000106340D
Original Publication Date: 1993-Oct-01
Included in the Prior Art Database: 2005-Mar-21
Document File: 2 page(s) / 71K

Publishing Venue

IBM

Related People

Alpert, AI: AUTHOR [+2]

Abstract

Disclosed is a new method related to the International Business Machines Corporation (IBM) Enterprise Systems Architecture/System 390 (ESA/390*) PROGRAM CALL (PC) instruction which provides hardware supported authorization checks for 'operating system' defined authorizations.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

Enhanced Authorization Checking on Program Call

      Disclosed is a new method related to the International Business
Machines Corporation (IBM) Enterprise Systems Architecture/System 390
(ESA/390*) PROGRAM CALL (PC) instruction which provides hardware
supported authorization checks for 'operating system' defined
authorizations.

The architecture to support this PROGRAM CALL enhancement is:

o   A new field in the Dispatchable Unit Control Table (DUCT.AP).
    DUCT.AP   Indicates the 'operating system' authorization state of
    the program running with this DUCT.  Zero indicates not
    authorized, non-zero indicates authorized.

o   A new field in the Entry-Table Entry (ETE.AP).
    ETE.AP - Indicates the 'operating system' authorization state
    required of a program to successfully complete the PROGRAM CALL
    instruction associated with the ETE.  ETE.AP being non-zero
    indicates that program being invoked by the PROGRAM CALL

    instruction wants to allow 'operating system' authorized programs
    to call the program.

o   A change to the PROGRAM CALL instruction operation.
    The PROGRAM CALL instruction is changed to generate a
    privileged-operation exception program interrupt if all of the
    following conditions are met:

    -   Issuer in Problem Program State (existing check)
    -   ANDing PKM and AKM yields 0 result (existing check)
    -   ANDING ETE.AP AND DUCT.AP YIELDS 0 RESULT (NEW CHECK)

    If all conditions are met, the issuing program is considered not
    authorized and it attempted to issue a PROGRAM CALL instruction
    which required the caller to be authorized.

      The following change to the PROGRAM CALL 'priority of
execution' chart describes the above changes [*].

      8.B.10    Privileged-operation exception due to zero result
from ANDing PSW-key mask and AKM AND ZERO RESULT FROM ANDING ETE-AP
AND DUCT-AP in the problem state

The Figure shows the changes to the PC instruction.

Note, if ETE.AP is zero, then the DUCT.AP bit does not affect the
outcome of the instruction and PROGRAM CALL operates as currently
defined by ESA/390.  Thus, ETE.AP being zero is compatible with
current ESA/390 PC definition.  The ETE.AP field is only valid for
stacking Program Call.  It is not used on basic PROGRAM CALL (i.e.,
ETE.T, bit 128, equal 0).

      Operating system support is needed to set the ETE.AP and
DUCT.AP fields.  In the IBM MVS operating system, for example, an MVS
APF authorized program could have the DUCT.AP field set to one.
ETE.AP could be set for PC entered services whic...