Re: Does MVCDK move 'per byte' like MVC?
On Sat, 27 Jul 2024 11:56:44 +, Peter Relson wrote: >An alternative (no comment on relative performance) for this case since you >know the intended data is: >SPKA user-key >MVI first-byte >MVC overlapping >SPKA your-key > Thank you, that works, although I did decide to just add a 255 byte field with spaces to the code and move that with MVCDK. Again, thank you to all that responded. Kind regards, Erik Janssen. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Does MVCDK move 'per byte' like MVC?
> >> And, if MVCDK does not work a byte at a time, what would be a correct >> solution for this? Copy a byte at a time with MVCDK in a loop, like the >> programming example in the POP with the MVCSK instruction? >> > >That should work, though not with great efficiency. Why not just have a >constant containing 256 (or so) blanks, and MVCDK from that? It's a >tradeoff between CPU time and storage, and in the past storage always won, >but these days 256 bytes is generally nothing. You can even put it on a >cache line boundary for extra zip... > I thought about that, but since it is a user svc the module is in the PLPA, so I was reluctant to just waste 256 bytes. On second thought, it is a 31 bit module, so perhaps that is the best option. Thanks for pointing out the specific exemption for MVC, I had overlooked that. Kind regards, Erik. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Does MVCDK move 'per byte' like MVC?
Hello All, I had this code in a user SVC: MVI DATA,X'40' BLANK OUT DATA MVC DATA+1(254),DATA As far as I'm aware this is a well known principle to clear a data area, it is explained in the POP under MVC that you can propagate a byte this way. Since the DATA area is provided by the caller of the user SVC I implemented this code to do the same with MVCDK to make sure the protection key of the storage area matches the callers key (in R1). The 'spatie' field is defined as 'SPATIE DCCL1' ' LHI R0,L'SPATIE-1 MVCDK DATA,SPATIEBLANK OUT DATA LHI R0,L'DATA-2MOVE 254 CHARS MVCDK DATA+1,DATA I had assumed that MVCDK would also propagate a byte this way and tested this on a ZD machine and that seemed to work ok. Now that we have this code on our test lpar on a z16 machine I see that it will shift the full contents of the DATA field one position to the right. This causes residual data from the previous call to appear. The POP says under MVCDK: Each of the operands is processed left to right. When the operands overlap destructively in real storage, the results in the first-operand location are unpredictable. Except for this unpredictability in the case of destructive overlap, the storage-operandconsistency rules are the same as for the MOVE (MVC) instruction Did I encounter that unpredictability the POP is talking about? Is it possible that on a ZD MVCDK works byte for byte like MVC, while on real hardware MVCDK works more like a MVCL moving all the bytes at once? And, if MVCDK does not work a byte at a time, what would be a correct solution for this? Copy a byte at a time with MVCDK in a loop, like the programming example in the POP with the MVCSK instruction? Kind regards, Erik Janssen. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
putting refreshable module in subpool 252
Hello Peter, you said: This behavior, when marking the module as refreshable, applies only when the REFRPROT option of PROGxx is active. >That applies system-wide. As long as that is OK, and you have control of >setting REFRPROT, have at it. I just noticed that my system does not have REFRPROT active, but my module does get loaded in subpool 252 (key 0, not fetch protected) if I put it in SYS1.LINKLIB. Is there an explanation why this happens? Is that because I put it in an APF authorized library? And from what I understand, enabling REFRPROT will put all refreshable modules in key 0, not fetch protected storage, regardless where they reside? Kind regards, Erik Janssen. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Testdriving svc in key 9 (was: finding callers key in svc)
I loaded some registers with values and then used a DC H'0' instruction to force a 0C1 abend and when I looked at the contents of the registers I assumed it abended inside the SVC, while actually it abended with the 0C4 in the calling routine. One of the registers had a value of 0x0080 which led me to believe that this was the key I found in the request block, while it was actually the result from a IPK instruction I had inserted into my calling program before doing the SPKA x'90'(0) instruction. Sometimes walking the dog for a moment gives me the clarity to understand what has happend :-) Kind regards, Erik. On Fri, 3 May 2024 11:59:23 +, Peter Relson wrote: > >I managed to show now that the code in the svc is correct, it indicated that >the caller was in key 9. > >Perhaps share, to help others not make the system mistake, what had led you to >believe that the code was not doing what you wanted. > > -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Testdriving svc in key 9 (was: finding callers key in svc)
Hello Rob, It is a user SVC that has been on our system for a long time and it is used by a number of applications. So unfortunately our best (short time) option is to secure the SVC. I will contact you of list if that is ok about the sample code for a pc routine. Kind regards, Erik. On Fri, 3 May 2024 12:12:03 +, Rob Scott wrote: >Erik. > >>> In the current implementation of the SVC that would work fine, since it is >>> all doing the MVC's in key 0, but if I change that to MVCSK and MVCDK >>> instructions I might get the 0C4 abend. > >Whilst I applaud your desire to implement MVCDK/SK, I think the word "fine" is >doing some heavy lifting in the above. >Using MVC in key0 to read/write non-Key0 memory is obviously a risk to system >integrity. > >A couple of other minor observations : >(o) Is this SVC part of new development? If so, perhaps consider using PC-cp >instead - I am some sample code that could help in this endevour if you are >interested. >You will require a resource owning ASID to house the PC routine, but it can be >limited function in design. > >(o) I am not a CICS person, but I thought that normal transactions are >discouraged from issuing SVCs (happy to be corrected if not so). -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Testdriving svc in key 9 (was: finding callers key in svc)
Hello Peter, My apologies for not changing the subject. I managed to show now that the code in the svc is correct, it indicated that the caller was in key 9. I've solved the testdriver issue now by marking that routine as REFReshable and put it in SYS1.LINKLIB. I saw an old thread about this that gave this option, the module now gets loaded into subpool 252, which is not fetch protected. I'm testing this on a personal ZPDT machine, so in this case it is a fair way to get the job done easily, without having to figure out how to do ATTACHX programming. I just would like to simulate the situation where a cics transaction running in key 9 would access a storage area it provided to the svc with key 8. In the current implementation of the SVC that would work fine, since it is all doing the MVC's in key 0, but if I change that to MVCSK and MVCDK instructions I might get the 0C4 abend. That was also where my confusion (bias) was, I was thinking (expecting) the 0C4 was triggered in the SVC, while actually it was my test program that abended on not being able to get the next instruction from the fetch protected subpool 251 my program was loaded in. Next stop is to see if I can get an ESTAE in the routine to give a message about this situation and after that perhaps make it more intelligent to allow a switch to key 8 in this situation. I've not done a lot of assembler programming over the years, so it always takes me some time to get used to it again, and these routines are of course not the easiest to handle. But I like taking on such a challenge, because the amount of stuff you learn is always very satisfying. Kind regards, Erik Janssen. On Thu, 2 May 2024 14:07:25 +, Peter Relson wrote: >Please try to have different threads with suitable subjects for each. The 0C4 >is unrelated to the subject. > >Since the code shown for the SVC routine is correct for type 2/3/4 yet you say >that you do not find the right data, then prove it: >Show the definition of the SVC, show extracts from IPCS looking at the dump >storage. > >If you are blowing up at the instruction right after the SPKA to a different >key, regardless of what that instruction was, then your program is in key 8 >fetch-protected storage so unless your new key is 0, you will not be able to >access the instruction. Requirements for placing a reentrant program into key >0 non-fetch-protected storage depend on authorization and various system-wide >options, along with the possibility of doing an ATTACHX with the KEY=NINE >parameter (which will place into key 0 storage without relying on >authorization). > >Peter Relson >z/OS Core Technology Design > > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: finding callers key in svc
I can see in the dump that my program is in subpool 251 and this is fetch protected, so it explains the abend I guess. SUBPOOL 251 KEY 08 OWNED BY TCB 008D2AA0 ADDRESS 2000 LENGTH 2000 FREE AREA 2000 LENGTH 00A8 Is there a way to force the program to go to subpool 244 for example, that is not fetch protected? I'm trying to create an easy test program that could simulate the situation where the svc is called from a cics task running in key 9 trying to access key 8 storage. That case would fail if I start using MVCSK en MVCDK, and perhaps I can add an ESTAE to do recovery in that scenario. First thing I would like to try is to create an ESTAE that would just WTO the 0C4 situation, for example 'task running in key xx tried to access storage in key yy' . The dump shows: IEA995I SYMPTOM DUMP OUTPUT 223 SYSTEM COMPLETION CODE=0C4 REASON CODE=0004 TIME=04.50.16 SEQ=00035 CPU= ASID=0029 PSW AT TIME OF ERROR 079D A0B0 ILC 2 INTC 04 ACTIVE MODULE ADDRESS=_20A8 OFFSET=0008 NAME=SVCNORM DATA AT PSW 20AA - B20A0090 1BFF 07FEC3C9 GR 0: 0064 1: 6FF8 2: 0040 3: 008DBD64 4: 008DBD40 5: 008FB058 6: 008C9FC8 7: 00FB5000 8: 008FD608 9: 008D2CB0 A: 01DAFB00 B: 0001 C: A0A8 D: 6F60 E: 80FD7B30 F: A0A8 Kind regards, Erik. > >The issue is in my test program that does the switch to key 9. >The SPKA x'90'(0) instruction properly gets translated to a B20A 0090 and from >the abend I can see in the psw that it does have key 9. >The abend I get is a 0C4 abend, which surprised me, but I'm guessing it just >cannot read the next instruction anymore since that is in key 8 storage? Or is >there something else I'm missing. >It I'm correct, how does one switch to another key and keep executing code? > >The code is: > >SVCNORM CSECT >SVCNORM AMODE 31 >SVCNORM RMODE ANY > LR R12,R15 > USING SVCNORM,R12 > SPKA x'90'(0) > DC H'0' > -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: finding callers key in svc
I took your advises to heart, started using RBLINKB instead of RBLINK. I wasn't aware I could use a label on a using and use that for reference. We have an existing SVC that reads from a given memory location and I want to secure it to use MVCDK and MVCSK, thus my need to find the caller's key. It is used by quite some application programs, so removing it is not an option on the short term unfortunately. The issue is in my test program that does the switch to key 9. The SPKA x'90'(0) instruction properly gets translated to a B20A 0090 and from the abend I can see in the psw that it does have key 9. The abend I get is a 0C4 abend, which surprised me, but I'm guessing it just cannot read the next instruction anymore since that is in key 8 storage? Or is there something else I'm missing. It I'm correct, how does one switch to another key and keep executing code? The code is: SVCNORM CSECT SVCNORM AMODE 31 SVCNORM RMODE ANY LR R12,R15 USING SVCNORM,R12 SPKA x'90'(0) DC H'0' Thank you all for your responses. Kind regards, Erik. On Wed, 1 May 2024 13:52:15 +, Seymour J Metz wrote: >Even on a S/360 that code is inefficient, but still valid. > > USING RBBASIC,R5 POINT TO REQUEST BLOCK > LR7,RBLINK LOAD CALLER RB IN REG 7 > DROP R5 DROP SVC RB MAPPING > USING RBBASIC,R7 AND NOW MAP CALLER RB > SR R1,R1 > ICR1,RBOPSWB2Key and flags > NR1,=XL4'F0' Isolate PSW KEY >*STR1,KEY STORE CALLER KEY > DCH'0'FORCE ABEND > >As a matter of style I would probably have written > > USING RBBASIC,R5 SVRB address set on entry > LR7,RBLINK CALLER's RB >CALLER USING RBBASIC,R7 > SR R1,R1 > ICR1,CALLER.RBOPSWB2Key and flags > NR1,=XL4'F0' Isolate PSW KEY >*STR1,KEY STORE CALLER KEY > DCH'0'FORCE ABEND > >I would take a closer look at the SPKA code. > >-- >Shmuel (Seymour J.) Metz >http://mason.gmu.edu/~smetz3 >עַם יִשְׂרָאֵל חַי >נֵ֣צַח יִשְׂרָאֵ֔ל לֹ֥א יְשַׁקֵּ֖ר > > >From: IBM Mainframe Discussion List on behalf of >Peter Relson >Sent: Wednesday, May 1, 2024 8:55 AM >To: IBM-MAIN@LISTSERV.UA.EDU >Subject: Re: finding callers key in svc > > > USING RBBASIC,R5 POINT TO REQUEST BLOCK > LR7,RBLINK LOAD CALLER RB IN REG 7 > DROP R5 DROP SVC RB MAPPING > USING RBBASIC,R7 AND NOW MAP CALLER RB > LR1,RBOPSW GET CALLER PSW AND PUT IN REG 1 > NR1,=X'00F0'ONLY PSW KEY > SRL R1,16 SHIFT TO 00K0 >*STR1,KEY STORE CALLER KEY > DCH'0'FORCE ABEND > > >If your SVC is a type 2/3/4 SVC, the code works. >I can't speak to how you are debugging or what you are seeing in a dump >because you have not shared any of that information. > >You could even try this without needing your own SVC by having your code in a >LINK target, at least to verify that you are seeing the PSW of the SVC issuer >(SVC 6 in the simplest LINK case). You wouldn't have R5 set on input but can >easily pick that up via (IHAPSA) PSATOLD -> (IKJTCB) TCBRBP. > >It is in general poor form to use RBLINK rather than RBLINKB unless AMODE 24, >but in your case you would know that the caller's RB is not waiting so the >high byte will have a 0 wait count so can get away with using the 4-byte name. > >These days, the L/N/SRL has many better alternatives, such as >LLC (of the 2nd byte of RBOPSW) / NILL (to clear the low 4 bits if for some >reason you need to do so). > >Peter Relson >z/OS Core Technology Design > > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: finding callers key in svc
I must be doing something wrong, because if I do that it indicates key 0. I was expecting key 9 somewhere... On Tue, 30 Apr 2024 08:50:13 -0500, Wayne Driscoll wrote: >If you are in a Type 2, 3 or 4 SVC, the PSW at the time of the SVC >instruction is in the SVRB whose address is in R5 upon entry, that is the >RBOPSW you would want to interrogate. Your code is looking at the PSW at >the time the callers RB was created, mostly via a LINK or ATTACH SVC, since >it was a problem program. >Wayne Driscoll >Note: all opinions are strictly my own. > >On Tue, Apr 30, 2024 at 4:02 AM Erik Janssen < >062c999269e8-dmarc-requ...@listserv.ua.edu> wrote: > >> >> > >> >As to the initial question, as pointed out, it depends on the type of the >> SVC. The SVC owner knows what type it is (because they defined it) and can >> look in the right place for that type of SVC, just as they look in the >> right place for the caller's regs (for which the answer is different than >> the psw/key, but similarly depends on the type of the SVC. >> > >> >> >> I had the idea that this code in the SVC would give me the key the SVC >> caller was executing in: >> >> USING RBBASIC,R5 POINT TO REQUEST BLOCK >> L R7,RBLINK LOAD CALLER RB IN REG 7 >> DROP R5 DROP SVC RB MAPPING >> USING RBBASIC,R7 AND NOW MAP CALLER RB >> L R1,RBOPSW GET CALLER PSW AND PUT IN REG 1 >> N R1,=X'00F0' ONLY PSW KEY >> SRL R1,16 SHIFT TO 00K0 >> STR1,KEY STORE CALLER KEY >> DCH'0'FORCE ABEND >> >> However, when I call this SVC from an problem program the switches to key >> 9 before the call: >> >> SPKA X'90'(0) SWITCH TO KEY 9 >> SVC 255 >> >> I see that R1 has a value of x'0080' (key 8) at the time of the abend, >> where I was expecting x'0090'. >> Is see that it is possible that there are more request blocks. I'm I not >> looking at the right one, and if so, how do you know if you reached the top >> RB, or is my approach really wrong? >> >> Kind regards, >> >> Erik Janssen. >> >> -- >> For IBM-MAIN subscribe / signoff / archive access instructions, >> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN >> > > >-- >Wayne Driscoll >Software Engineer | Mainframe Software Division >Broadcom Software > >*Office: *630-300-1931* Mobile:* 630-247-1632 >wayne.drisc...@broadcom.com -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: finding callers key in svc
> >As to the initial question, as pointed out, it depends on the type of the SVC. >The SVC owner knows what type it is (because they defined it) and can look in >the right place for that type of SVC, just as they look in the right place for >the caller's regs (for which the answer is different than the psw/key, but >similarly depends on the type of the SVC. > I had the idea that this code in the SVC would give me the key the SVC caller was executing in: USING RBBASIC,R5 POINT TO REQUEST BLOCK L R7,RBLINK LOAD CALLER RB IN REG 7 DROP R5 DROP SVC RB MAPPING USING RBBASIC,R7 AND NOW MAP CALLER RB L R1,RBOPSW GET CALLER PSW AND PUT IN REG 1 N R1,=X'00F0' ONLY PSW KEY SRL R1,16 SHIFT TO 00K0 STR1,KEY STORE CALLER KEY DCH'0'FORCE ABEND However, when I call this SVC from an problem program the switches to key 9 before the call: SPKA X'90'(0) SWITCH TO KEY 9 SVC 255 I see that R1 has a value of x'0080' (key 8) at the time of the abend, where I was expecting x'0090'. Is see that it is possible that there are more request blocks. I'm I not looking at the right one, and if so, how do you know if you reached the top RB, or is my approach really wrong? Kind regards, Erik Janssen. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: finding callers key in svc
On Fri, 26 Apr 2024 21:36:36 +, Seymour J Metz wrote: >NO! Use RBOPSW; the caller might not be in the PSW key. > >-- Could you explain in what situation that happens? Is that when the task is multihreaded and another thread has changed the key in the psw in between the call to the svc and the time of looking at the psw? Thank you all for the quick reponses by the way :-) -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: finding callers key in svc
It is a type 3 svc. I also saw an example that uses the TCBPKF field to determine the key. So I guess that is also an option? On Fri, 26 Apr 2024 20:20:26 +, Seymour J Metz wrote: >What type of SVC? The SVRB only exists for 3, 3 and 4. > >-- -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
finding callers key in svc
Hello List, Is there way to determine the key that the caller of a SVC is executing in? For a PC routine doing an ESTA and some shifting seems to be the way to find the key, but I'm unsure how the same could be done from a user SVC. Is it somewhere in the SVRB? Also, I see this example in the authorized code scanner: https://www.ibm.com/docs/en/zos/2.4.0?topic=fixes-fetch-vulnerability-example vulnerable: LA R3,copyparms MVC 0(4,R3),0(R2) fixed: LHI R3,1 ESTA R0,R3 SRDL R0,48 LHI R0,3 LA R3,copyparms MVCSK 0(R3),0(R2) I noticed that the length loading in R0 for the MVCSK is 3, while in the vulnerable mvc example the length is 4. The POP for MVCSK says: L specifies the number of bytes to the right of the first byte of each operand. Therefore, the length in bytes of each operand is 1-256, corresponding to a length code in L of 0-255. Is there any logic behind why MVC uses the actual byte count and MVCSK uses the 'number of bytes to the right'? Kind regards, Erik Janssen. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Assembler access to USS functions
Let me try and keep this thread alive ;-) If the environment variables are in a LE data block, then where were they kept when omvs was first introduced? I was under the impression that omvs was introduced by before LE, or am I wrong? Kind regards, Erik Janssen On Sat, 7 Oct 2023 08:59:28 +0800, David Crayford wrote: >> On 7 Oct 2023, at 6:28 am, Kirk Wolf wrote: >> >> This is a thread that won't die. > >And there has been some absolute tosh spouted! > >> >> In z/OS, environment variables are in Language Environment, in the CEEEDB >> ("Enclave Data Block"). If your assembler code is running in LE, you can >> access/set them. An empty table is created when the enclave is >> initialized, which can be BEFORE dubbing which happens at the first kernel >> call.Look in the LE books if you don't believe me. > >I believe you. It’s dependent on the OS. On Linux environment variables are >stored in the proc file system, /proc//environ. Whoever stated it’s part >of the C runtime doesn’t know what they’re talking about. > >> >> Kirk Wolf >> Dovetailed Technologies >> http:// <http://dovetail.com>coztoolkit.com >> >> On Thu, Oct 5, 2023, at 8:15 PM, Seymour J Metz wrote: >>> The issue isn't what has access to environmental variables, but rather what >>> creates them. >>> >>> Further, they are useful in other contexts. An otherwise legacy program >>> that uses a Unix command may need to pass the odd environment variable to >>> control options for which there are no switches. >>> >>> >>> From: IBM Mainframe Discussion List on behalf of >>> Jon Perryman >>> Sent: Thursday, October 5, 2023 9:06 PM >>> To: IBM-MAIN@LISTSERV.UA.EDU >>> Subject: Re: Assembler access to USS functions >>> >>> On Thu, 5 Oct 2023 20:54:56 +, Seymour J Metz wrote: >>> >>>> Even if you have an OMVS segment, you don't get dubbed ntil you use a Unix >>>> service. >>> >>> Environment variables are not unique to UNIX and do not require dubbing. It >>> is a feature of the C/C++ language that is in the STDLIB (standard library) >>> and can be used in any environment. >>> >>> Environment variables are only useful in languages that do not support >>> global variables or inter-language global variables is not supported. I >>> suspect that C and Cobol global variables are shared because of LE. >>> Languages like shells, Python, Java and others which are runtime languages >>> don't have access to C and Cobol global variables which makes environment >>> variables a simple inter-language-communications feature. >>> >>> -- >>> For IBM-MAIN subscribe / signoff / archive access instructions, >>> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN >>> >>> -- >>> For IBM-MAIN subscribe / signoff / archive access instructions, >>> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN >>> >> >> -- >> For IBM-MAIN subscribe / signoff / archive access instructions, >> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: TRSMAIN AMATERSE
It is documented in the original patent as far as I can see, but I haven't looked in dept into both the patent and the java example: https://www.freepatentsonline.com/4814746.html But I'm not sure if that will give you enough information. It depends on what you are trying to achieve with the information I guess. On Sun, 13 Aug 2023 01:30:49 +, kekronbekron wrote: >Is the **algorithm** documented... you know, in words, with examples? > > >--- Original Message --- >On Saturday, August 12th, 2023 at 10:21 PM, Erik Janssen > wrote: > > >> See: >> https://github.com/openmainframeproject/tersedecompress >> >> Kind regards, >> Erik. >> >> >> On Sat, 12 Aug 2023 05:19:43 +, kekronbekron kekronbek...@protonmail.com >> wrote: >> >> > By any chance, is the algorithm for tersing/untersing publicly available? >> > >> > -- >> > For IBM-MAIN subscribe / signoff / archive access instructions, >> > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN >> >> >> -- >> For IBM-MAIN subscribe / signoff / archive access instructions, >> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: TRSMAIN AMATERSE
See: https://github.com/openmainframeproject/tersedecompress Kind regards, Erik. On Sat, 12 Aug 2023 05:19:43 +, kekronbekron wrote: >By any chance, is the algorithm for tersing/untersing publicly available? > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: What is BPXAS and how do I make them stop piling up?
I'm not sure how important your system is, but the example you send indicates that the bpxas is running on behalf a ssh session. If most of the bpxas address spaces are running for ssh, you might want to investigate why you suddenly see an increase of ssh sessions coming into your system. Kind regards, Erik. On Mon, 10 Apr 2023 16:29:02 -0500, Charles Mills wrote: >Humor me here. I assume this is basic system programming, but I don't claim to >be a sysprog. > >We have a Dallas system. Something in our usage patterns or something has >changed recently to where we end up with spool filled up with BPXAS jobs and >we eventually run out of JQEs which is not a Good Thing. > >Can someone tell me what BPXAS is, and more importantly, what to change in the >proc so that the jobs will go away rather than hanging out in spool until I >manually purge them. > >When I do an ST I see a bunch of them running, and a whole bunch in Print, but >I don't see them when I do a DA. > >Here's a typical example: > >09.22.31 STC01149 MONDAY,10 APR 2023 > >09.22.31 STC01149 $HASP373 BPXASSTARTED > >09.22.31 STC01149 BPXP024I BPXAS INITIATOR STARTED ON BEHALF OF JOB SSHD4 >RUNNING IN ASID 0042 >1 //BPXASJOB MSGLEVEL=1 >STC01149 >2 //BPXASEXEC BPXAS,GETWORK=BPXPRJSR > > > XX* > 0005 >3 XXIEFPROC EXEC PGM=IEFIIC,DPRTY=12,PARM=',,,BPXPRJRW' >0010 > > XX/ > 0020 > XX* > */ 0025 > XX*01* PROCEDURE NAME : BPXAS > */ 0030 > XX* > */ 0055 > XX*01* FUNCTION: Used to start the MVS initiator > */ 0060 > XX* > */ 0065 > XX*01* COMPONENT: SC1B6 (Initiator) > */ 0070 > XX* > */ 0080 > XX*01* DISTRIBUTION LIBRARY: SYS1.PROCLIB > */ 0085 > > XX/ > 0185 > IEFC653I SUBSTITUTION JCL - > PGM=IEFIIC,DPRTY=12,PARM=',,BPXPRJSR,BPXPRJRW' > STMT NO. MESSAGE > >2 IEFC001I PROCEDURE BPXAS WAS EXPANDED USING SYSTEM LIBRARY > SYS1.PROCLIB >IEFA111I BPXAS IS USING THE FOLLOWING JOB RELATED SETTINGS: > > SWA=ABOVE,TIOT SIZE=32K,DSENQSHR=DISALLOW,GDGBIAS=JOB > > BOTTOM OF DATA > > >Thanks, >Charles >Not a Systems Programmer > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Is there a TCPTRACEROUTE equivalent for z/OS ?
Hello Jan, If you have python available there are a number of tools that can do what you want. The answer in this link shows some options: https://stackoverflow.com/questions/53112554/tcp-traceroute-in-python Kind regards, Erik. On Fri, 21 Oct 2022 06:22:14 -0500, Jantje. wrote: >Dear Listers, > >I tried PING and TRACERTE and failed because the firewall blocks ICMP and the >UDP ports. > >What I really need to diagnose my problem is a port of the Linux command >tcptraceroute. And friend Google let me down, not finding an implementation of >this command on z... So, I am calling on the esteemed body of knowledge that >is supporting this list: would any of you know of a utility/command/script >that enables one to test a route using the TCP protocol? > >Thanks and very best regards, > >Jantje. > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Some UNIX file usage questions
I created a rexx that can respond to an operator stop command in native rexx. My colleague still has it available at https://github.com/wizardofzos/natconf16/blob/master/zos/POCREXXS It uses some other proof of concepts that might be interesting. Not sure if it is of use in this case, but I thought I'd share. Kind regards, Erik Janssen. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: apply unix command under 3.4 to pathname dir
Not sure if the ! can be escaped in any way, but I saw it is possible to set another character in the options as the pathname substitution character. In my case I would definitately prefer to use an ssh session or the omvs shell, but I was looking if there were options for users that have less experience with unix to still be able to give commands this way. I also found out that you can use dirname and basename to get the directory name and filename portion of the path. cd `dirname !`;pwd;basename !; Kind regards, Erik. On Thu, 2 Jun 2022 15:33:46 -0500, Paul Gilmartin wrote: >On Thu, 2 Jun 2022 15:19:47 -0500, Erik Janssen wrote: > >>Ah yes, it is actually on the panel; 'Use the pathname substitution character >>!' :-) >>That what I was looking for, I already thought that there had to be some way, >>I just didn't notice it. >>I was already using 3.17 basically, but since some recent z/os release you >>can just type in a unix directory under 3.4 and it will automatically bring >>you to 3.17. From the responses so far this seems like a well hidden feature >>:-) >>So, what works for me is to put an X for the . (current directory) in the >>filelist, then use cd !;git status as a command with option 2 (login shell). >> >Wouldn't it be simpler to work under a z/OS UNIX shell rather than struggling >with >the recondite conventions of ISPF? > >BTW, how can one use a literal "!", not as a pathname substitution character? > >-- >gil > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: apply unix command under 3.4 to pathname dir
Ah yes, it is actually on the panel; 'Use the pathname substitution character !' :-) That what I was looking for, I already thought that there had to be some way, I just didn't notice it. I was already using 3.17 basically, but since some recent z/os release you can just type in a unix directory under 3.4 and it will automatically bring you to 3.17. From the responses so far this seems like a well hidden feature :-) So, what works for me is to put an X for the . (current directory) in the filelist, then use cd !;git status as a command with option 2 (login shell). Kind regards, Erik. On Thu, 2 Jun 2022 17:49:10 +, Sri h Kolusu wrote: >Erik, > >Did you try option 3.17 ? Provide the path and once in the directory you can >put a slash "/" against the file name you want to execute your command, it >will show you a pop up something like this . Option 23 is to execute a command. > >EsssN >eDirectory List Actions e >e e >e File - /u/user/myfile.xxx e >e e >e DIRLIST Actione >e 1. Edit 14. Information e >e 2. Edit - ASCII 15. File System e >e 3. Edit - UTF-8 16. Modify Mode Fields e >e 4. View 17. Modify Extended Attrse >e 5. View - ASCII 18. Modify Owning User e >e 6. View - UTF-8 19. Modify Owning Group e >e 7. Browse 20. Modify Formate >e 8. New 21. User Auditinge >e 9. Directory List 22. Auditor Auditing e >e 10. Delete 23. Execute command e >e 11. Rename 24. Refadd e >e 12. Copy Out 25. Manage ACLs e >e 13. Copy In e >e e >e Select a choice and press ENTER to process data set action. e >DsssM > >And after that you will provided to enter you command and way to run it > >Pathname . . . . /u/user/myfile.xxx > >Enter the command below. Use the pathname substitution character ! >to indicate where to have the pathname substituted. If not specified, the >pathname will be appended to the end of the command. > >Command for file: > > > > >Run method . . .1. Direct >2. Login shell >3. TSO > >z/OS UNIX command time limit . . . > > >Thanks, >Kolusu > > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
apply unix command under 3.4 to pathname dir
Hello List, For some time it is possible to list omvs directories under 3.4. There is an option to enable primary commands entered to be executed as a unix command. However, this will always bring me to my home dir first. Is there an easy way to have the command run from within the directory on the Pathname? For example, I would like to be able to go to 3.4, enter /u/someuser/somegitproject and run a git status command and have it run with /u/someuser/somegitproject as the current directory. Kind regards, Erik Janssen. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: creating a python login module
Yes, I think I understand that now. It was only recently that I found out the APF and AC(1) are even sort of unrelated in a way. I always though that any module performing authorized functionality had to be linked AC(1), but I found that only main routines should be linked AC(1) and that it can even be dangerous to link a module that is not intended to be called as a main routine AC(1). On Tue, 22 Feb 2022 15:12:35 +, Seymour J Metz wrote: >APF AC(1), program control and UID(0) are mutually unrelated. > > >-- >Shmuel (Seymour J.) Metz >http://mason.gmu.edu/~smetz3 > > >From: IBM Mainframe Discussion List [IBM-MAIN@LISTSERV.UA.EDU] on behalf of >Erik Janssen [eaw.jans...@gmail.com] >Sent: Monday, February 21, 2022 3:59 PM >To: IBM-MAIN@LISTSERV.UA.EDU >Subject: Re: creating a python login module > >Well, the routine I wrote can handle a user, password or passphrase and >optionally an APPL to verify against. >So, even though there are a lot of options to do it different, I was more >looking for ways how such a 'service routine' that needs apf authorization >could be used from a non-authorized caller. >The __passwd routine can do it, but it requires program controlled environment >and python doesn't seem to be defined as program controlled and I don't want >to 'just' enable it. >Also, the relation between APF authorisation and program control (if any) >still eludes me, and if there is no relation then I don't understand how >__passwd can check a password if the environment is not apf authorized. >I hope that someone can explain how that works. > >Kind regards, >Erik. > >On Mon, 21 Feb 2022 15:10:48 +, Colin Paice wrote: > >>Erik, >> >>Do you need to specify a password? >> >>Could you define a RACF profile instead, and use RACF check to see if the >>userid has access to that profile? >>I dont think there is a Callable function for it, but you could write some >>glue code to call an assembler routine to do a RACROUTE call. >> >>You could use an existing class, such as APP. >>I dont think it needs to be APF authorised... but you would need to check >>this. >> >>Colin >> > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: creating a python login module
In addition to my own post, of course for the actual PADS functionality, where you allow a different access to a dataset if a certain program is doing the open it also makes sense that you only want to do that if you can make sure that this 'certain program' is actual the one you intended to give the access and not some rogue program that was just named likewise in an untrusted library. So I didn't want to imply that identity changing is the only 'use case' for program control. On Tue, 22 Feb 2022 04:30:49 -0600, Erik Janssen wrote: >Thanks for the pointers! Very interesting, I never realized that the ZSS part >was also open source and written in metal C. I've so far only seen very >minimal examples of using metal C, so I will look into the code! >It seems that ZOWE also has the approach to have a PC service that runs the >authorized code, so I guess my initial feeling was correct that this is the >correct 'pattern' to provide authorized services to an unauthorized (yet >perhaps 'program controlled') backend. The program control seems to be a >specialization of that 'pattern', where you might decide that the only >'clients' of your authorized PC service can be programs that have been loaded >from a 'controlled environment'. This mainly seems to have been focused on >services that allow the identify of the invoker to change like the >pthread_security_np() call, which seems to make sense that you would only want >to allow that to happen if you know where the module that wants to do that was >loaded from. >I will see if I can get slack up and running :-) > >Kind Regards, >Erik. > > -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: creating a python login module
Thanks for the pointers! Very interesting, I never realized that the ZSS part was also open source and written in metal C. I've so far only seen very minimal examples of using metal C, so I will look into the code! It seems that ZOWE also has the approach to have a PC service that runs the authorized code, so I guess my initial feeling was correct that this is the correct 'pattern' to provide authorized services to an unauthorized (yet perhaps 'program controlled') backend. The program control seems to be a specialization of that 'pattern', where you might decide that the only 'clients' of your authorized PC service can be programs that have been loaded from a 'controlled environment'. This mainly seems to have been focused on services that allow the identify of the invoker to change like the pthread_security_np() call, which seems to make sense that you would only want to allow that to happen if you know where the module that wants to do that was loaded from. I will see if I can get slack up and running :-) Kind Regards, Erik. On Tue, 22 Feb 2022 08:35:50 +0800, David Crayford wrote: >On 22/2/22 4:59 am, Erik Janssen wrote: >> Well, the routine I wrote can handle a user, password or passphrase and >> optionally an APPL to verify against. >> So, even though there are a lot of options to do it different, I was more >> looking for ways how such a 'service routine' that needs apf authorization >> could be used from a non-authorized caller. >> The __passwd routine can do it, but it requires program controlled >> environment and python doesn't seem to be defined as program controlled and >> I don't want to 'just' enable it. > >Program Control can be a PITA, but APF authorizing a service is a bag of >worms. > >> Also, the relation between APF authorisation and program control (if any) >> still eludes me, and if there is no relation then I don't understand how >> __passwd can check a password if the environment is not apf authorized. >> I hope that someone can explain how that works. > >AFAIK, there is no relationship. I've very leery when I see a z/OS UNIX >program APF authorized. > >Zowe has a couple of components you may be interested in. All APF >authorized services are processed in the ZIS server, otherwise nown as >the cross-memory server. It's a Metal/C application that is open source >an available to >Github. It provides services via PC calls which are exploited by the ZSS >server which is a lightweight HTTP server written in C. Both have tiny >footprints and you can write your own plugins. SAF >authentication/authorization are >already provided. > >Disclaimer: I'm a Zowe commiter and I mainly work on these components. >Although only for code reviews, we have devs working full time on Zowe. > >https://docs.zowe.org/stable/getting-started/zowe-architecture/ >https://github.com/zowe/zss > >BTW, building this stuff can be tricky. You can reach out on the >OpenMainframe slack channel and one of our helpful devs can assist you. >Or just ping me offline. > > >> -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: creating a python login module
Well, the routine I wrote can handle a user, password or passphrase and optionally an APPL to verify against. So, even though there are a lot of options to do it different, I was more looking for ways how such a 'service routine' that needs apf authorization could be used from a non-authorized caller. The __passwd routine can do it, but it requires program controlled environment and python doesn't seem to be defined as program controlled and I don't want to 'just' enable it. Also, the relation between APF authorisation and program control (if any) still eludes me, and if there is no relation then I don't understand how __passwd can check a password if the environment is not apf authorized. I hope that someone can explain how that works. Kind regards, Erik. On Mon, 21 Feb 2022 15:10:48 +, Colin Paice wrote: >Erik, > >Do you need to specify a password? > >Could you define a RACF profile instead, and use RACF check to see if the >userid has access to that profile? >I dont think there is a Callable function for it, but you could write some >glue code to call an assembler routine to do a RACROUTE call. > >You could use an existing class, such as APP. >I dont think it needs to be APF authorised... but you would need to check >this. > >Colin > -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: creating a python login module
Thanks, I will have a look. That is also an option of course to have a java API do the racf check and generate a JWT that the python APIs can use to verify the validity of the request. On Mon, 21 Feb 2022 21:19:02 +0800, David Crayford wrote: >https://github.com/zowe/sample-spring-boot-api-service/blob/master/zowe-rest-api-sample-spring/docs/zos-security.md > >> On 21 Feb 2022, at 9:18 pm, David Crayford wrote: >> >> There is a sample Zowe Spring Boot micro service that can stand alone with >> no external Zowe dependencies which you can use to decouple access >> control/authentication from your application. >> -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: creating a python login module
Hello David, The __passwd() was our initial approach, but making python program controlled is probably(?) not a good way to go, at least it is not delivered as being program controlled. I guess that makes sense for an interpreted language. The returned token itself is a basically a JWT if I recall correctly, but I liked to have the 'authorization service' part of it to be natively running on z/os / talking to RACF. Kind regards, Erik. On Mon, 21 Feb 2022 21:08:37 +0800, David Crayford wrote: >You can do all of that in C code using the __passwd() and >__check_resource_auth_np library functions. You will need to be program >controlled which means Python and it's runtime will also need to be >platform controlled. Most modern services do this using an API like the >Zowe authenication API. If you're writing a web application in Flask you >should consider using JWTs. If it were me, I would prefer to use a >Spring Boot Java application instead of Python. There is a much richer >set of SAF APIs and the entire Java JRE is program controlled. > ] -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
creating a python login module
Hello List, We are creating some APIs with python flask running on z/os (some in combination with z open automation utilities in order to drive existing rexx / ispf edit macro logic) and that is looking very promising. In order to properly protect those APIs I am trying to create a authorization API, that would call a module that can verify a RACF user/password/appl combination so that it can return a token with which - for some time - you can then call the actual API's. I've managed to create an assembler DLL that works with that principe, calling the neccessary RACROUTE's. But, since this module needs APF authorisation I can only see a way to call the module as a subprocess through an - apf authorized - c main wrapper program. In this case it will return the SAF RC and the actual wto message as stdout. But, specifying a password this way as a cmdline parm means that it would show up in ps screen in SDSF for example. Loading the assembler DLL in python through CDLL technically works, but actually will get a S683 abend, since it lost its APF authorisation. My idea was that the module will check if the caller is authorized to actually check the specified user/password by some custom racf profile, so that I can prevent it from generally being allowed to check all user/password combinations. Apart from the obvious risks involved in APF authorized routines, giving this principe that I would like to create a routine that - in a controlled way - could do password checking for unauthorized callers, what options are there to do so? As far as I can see, the only option would be to provide some PC routine, with a unauthorized stub that can call the authorized running PC 'backend', but I'm not even sure if that would be a proper way to use a PC routine (let alone the fact if I would ever manage to - securely - create one). Kind regards, Erik. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: article about ransomeware and mainframe
The article itself may contain some errors and misunderstandings, but the conclusion is absolutely spot on. Some people still maintain the idea that z/OS is better that linux and even windows in terms of security. Sadly, this believe and lack of urgency means that all z/OS shops that are not recent on their maintenance today are running with zero day exploits in APF authorized routines that leave them extremely vulnerable. Kind regards, Erik Janssen. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: DYNAM vs NODYNAM
Ah yes, That makes sense. Kind regards, Erik. On Tue, 21 Sep 2021 10:47:37 -0400, Tony Thigpen wrote: >Because the translator generates: > Call 'DFHEI1' . >And you don't want them dynamic. > >Tony Thigpen > >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
DYNAM vs NODYNAM
Hello All, In the COBOL documentation at https://www.ibm.com/docs/en/cobol-zos/6.2?topic=environment-choosing-dynam-nodynam-compiler-option it is said that for example CICS requires the NODYNAM compile option. My idea was that the sole purpose of DYNAM vs NODYNAM was to control dynamic vs static calls, where DYNAM will always lead to dynamic calls, but with NODYNAM only a CALL literal will lead to a static call, a CALL identifier will still lead to a dynamic call. So is it only possible under CICS to use CALL literal in this case (must all calls be static), or can you still use dynamic calling with a CALL identifier? And if the latter is the case, then why is there a requirement to use NODYNAM? Is there some other effect of DYNAM vs NODYNAM that I'm not seeing? Kind regards, Erik Janssen. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Finding the STEIN of another address space
Hello Peter, Not that I understand any concept in this thread, but I looked at the ASSB mapping docu in https://www.ibm.com/support/knowledgecenter/SSLTBW_2.4.0/com.ibm.zos.v2r4.iead100/ASSB-map.htm and it says at the ASSBISQN at offset 52: Initial address space sequence number / instance number. It can be used with ASCBASID for the SSAIR instruction Is that incorrect information then, or am I interpreting your answer incorrectly? Kind regards, Erik Janssen. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
strange python announcement
Hello All, Today I noticed https://developer.ibm.com/mainframe/2020/03/24/python-for-z-enablement/ where IBM announces 'IBM intends to enable Python on z/OS together with the open source community'. The whole announcement never mentions Rocket's port of python that has long been available (and has often been referred to by IBM in many documents). Is IBM intending to deliver their own port, or have upstream support for z/os in the python base? Does anybody have more insight into what direction IBM is taking with this statement? Kind regards, Erik Janssen. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Startio documentation
Hello List, Out of curiosity I want to learn a bit more about startio. Don't worry, I won't go and attempt to mess up someones z/os lpar, it is just for pure nerd brain entertainment. Searching through the archives I found that there is a whitepaper that was written by Peter Haas called "The STARTIO Facility of MVS", that there were some examples called startio.txt or startio.ex.txt, that Bill Fairchild gave a SHARE presentation on the subject in March 2009 in Austin and that IBM documented it, partially, in IOS logic manuals; the versions for OS/VS2 R2 through R3.8 were publicly available. My search engines efforts to find any of the mentioned documents have failed so far, so is there anybody on the list that has (some of) the mentioned documents available and is willing to share? Kind regards, Erik Janssen. PS. I had posted the same question through Google groups, but that doesn't work in a way that the actual list gets the message it seems. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN