On Thu, 29 Mar 2012 15:21:41 GMT, MD Johnson wrote: >Does anyone know what I could look for to detect when >an SVC contains code to place the caller into and >authorized state (key 0).
You could run a GTF trace and examine all SVC calls and returns. Key 0 is not an adequate test, though. You'd have to test for supervisor state or any system key. Even that is not sufficient, because you can't tell from that whether they turned on JSCBAUTH. And then there are PC routines.... If the SVC (or PC) passes control to an address supplied by the caller, allowing the caller's code to run as part of the SVC, you might be out of luck. -- Tom Marchant ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN
