We now have SVC screening working but only for one task (TCB). If we attach a subtask the SVC screening fields are not propagated to the new task. In later versions of MVS there is an option to set an additional flag in the TCB that will cause ATTACH processing to copy the SVC screening related fields. We could modify the ATTACH SVC routine to propagate these fields, in fact it would be pretty simple. Instead we will take a more interesting, and complex way to solve this problem. We will use SVC screening to intercept ATTACH SVC calls and propagate the SVC screening fields in our intercept routine.
MVI 42(R2),X'00' INTERCEPT SVC 42 ATTACH
First we set the corresponding byte in our screen table for SVC 42 (ATTACH).
CLI 0(R9),42 ATTACH
BE SVC42
In our intercept routine we check for SVC 42 and branch to process it.
SVC42 DS 0H
LR R14,R11 RESTORE RETURN ADDRESS
L R6,=V(SVX42) SVC 42 ROUTINE
BR R6 TRANSFER CONTROL
First we restore the return address to register 14 and then we load the address of our SVC 42 processing routine into register 6 and branch to it. Entry to our routine will be exactly like a SVC call entry.
SVX42 CSECT ,
USING SVX42,R6 ESTABLISH BASE REGISTER
USING TCB,R4 MAP TCB
USING RBSECT,R5 MAP RB
We start by establishing a base register and mapping the TCB and RB control blocks.
LR R8,R14 SAVE RETURN ADDRESS
LR R9,R1 SAVE PARM LIST
LR R10,R15 SAVE ATTACH PARM LIST
Next we save the return address contained in register 14, the parameter list for the attached program contained in register 1, and the parameter list for the ATTACH SVC contained in register 15.
MODESET EXTKEY=RBT234,WORKREG=2 GET CALLERS PROT KEY
Now we need to get into the storage protect key of the issuer or the SVC. For this we use the MODESET macro and specify EXTKEY=RBT234 indicating the SVC is a type 2, 3, or 4. We also specify register 2 is to be used as a work register.
GETMAIN R,LV=ATLSTSIZ+4,SP=229
*
LR R7,R1 POINT TO WORK AREA
USING ATTCHLST,R7
Now we getmain some storage to make a copy of the ATTACH parameter list. This is necessary because we will copy the parameter list and modify it before reissuing the SVC. We add four additional bytes to be used by our intercept routine. The allocated storage will be in the same key as the issuer of the SVC. The copy of the parameter area is pointed to by register 7.
MVI ATTCHLST+ATLSTSIZ,X'00' RESET AUTH SWITCH
*
TESTAUTH FCTN=1,STATE=YES,KEY=YES,RBLEVEL=2
*
LTR R15,R15 IS CALLER AUTHORIZED
BNZ AUTH010 NO - BRANCH
*
OI ATTCHLST+ATLSTSIZ,X'80' SHOW CALLER AUTHORIZED
AUTH010 DS 0H
We will need to know if the issuer of the SVC is APF authorized or not. First we set our flag byte, past the end of the parameter list, to zero indicating the caller is not authorized. Next we use the TESTAUTH macro to determine if the caller was APF authorized. We have the TESTAUTH routine check the JSCB APF authorization bit as well as checking for supervisor state and PSW protect key less than eight. If any of these conditions are true the caller is considered authorized and we set our flag bit.
MVC 0(ATLSTSIZ,R7),0(R10) COPY CALLERS PARM LIST
Now we make a copy of the ATTACH parameter list.
TM ATTCHLST+ATLSTSIZ,X'80' IS CALLER AUTHORIZED
BO AUTH020 YES - BRANCH
***********************************************************************
* RESET ALL AUTHORIZED PARAMETERS
***********************************************************************
NI ATINDS,255-(ATJSTCB+ATMODE+ATSVAREA+ATKEY+ATDISP+ATJSCB)
NI ATFLAGS1,255-ATRSAPF
XC ATJSCBA,ATJSCBA
XC ATTNSHLV,ATTNSHLV
XC ATTID,ATTID
B AUTH030 ATDISP ONLY VALID IF APF AUTH
*
*
AUTHO20 DS 0H
TM ATINDS,ATDISP WAS NO DISP SPECIFIED
BNO AUTH030 NO - BRANCH
*
OI ATTCHLST+ATLSTSIZ,X'40' REMEMBER NO DISP
AUTH030 DS 0H
If the caller is not APF authorized we clear all of the flags that are only valid for authorized callers and are ignored otherwise. If the caller is authorized we check to see if the ATDISP flag was set indicating the TCB should not be automatically made dispatchable. This is done because we will force this bit before reissuing ATTACH.
OI ATINDS,ATDISP FORCE NO DISPATCH
Now we set the ATDISP flag in our copy of the ATTACH parameter list. Setting this flag bit will make the TCB initially marked non-dispatchable. This is necessary to allow us to set the SVC screening fields in the new TCB before be begins execution.
SPKA 0 GET INTO KEY ZERO
NI TCBFLGS7,255-TCBSVCS TURN OFF SVC SCREENING
MODESET EXTKEY=RBT234,WORKREG=2 BACK TO CALLERS KEY
*
LR R15,R7 OUR UPDATED ATTACH PARM LIST
LR R1,R9 CALLERS R1
SVC 42 ATTACH
LR R11,R1 SAVE NEW TCB ADDRESS
LR R12,R15 SAVE RC
Now we get ready to reissue the ATTACH SVC. First we get back into protect key zero. Next we turn off SVC screening for the current TCB so we will not reintercept the call. We then get back into the caller’s protect key using MODESET. We restore the parameter registers 1 and 15 before call SVC 42. We then save the return parameter register values so they can be returned to our caller later.
SPKA 0 BACK TO KEY ZERO
OI TCBFLGS7,TCBSVCS TURN SVC SCREENING BACK ON
LR R1,R11 RESTORE PARM
LTR R15,R12 CHECK RC
BNZ FREEEXIT EXIT IF NOT ZERO
*
L R1,TCBSVCA2 GET SCREEN TABLE ADDRESS
DROP R4
USING TCB,R11 MAP NEW TCB
*
ST R1,TCBSVCA2 STORE SCREEN TABLE ADDR INTO TCB
OI TCBFLGS7,TCBSVCS TURN ON SVC SCREENING
Now we go back to key zero and restore SVC screening for the current TCB. We then check the return code to see if the ATTACH was successful. If it failed we can to clean up and exit. If it was successful we copy the screen table address from the current TCB into the newly created TCB and set the TCBSVCS flag to active screening.
L R15,0(,R11) POINT TO RB FOR NEW TASK
LM R0,R3,RBGRSAVE COPY REGISTERS TO NEW RB
STM R0,R3,RBGRSAVE-RBSECT(R15)
LM R0,R3,RBGRSAVE+16
STM R0,R3,RBGRSAVE-RBSECT+16(R15)
LM R0,R3,RBGRSAVE+32
STM R0,R3,RBGRSAVE-RBSECT+32(R15)
Now we copy the register contents from request block into the RB for the newly created task. This will make the initial register contents of the new task appear the same as if we had not intercepted the ATTACH SVC. It really should not make any difference since contents of the registers other than 1, 13, 14, and 15 are not guarenteed to contain any specific values. Still, by copying the contents of registers 0 through 12 we stay complete compatable with the normal operation of ATTACH.
TM ATTCHLST+ATLSTSIZ,X'80' IS CALER AUTH
BO AUTH040 YES - NO RESET NEEDED
*
L R1,TCBGRS12 GET SVRB ROUTINE R12
NI 8(R1),255-X'80' INDICATE ATTACHING TASK NOT AUTH
We have some attitional cleaup to do. Since we always reissue the ATTACH SVC and since we are always in supervisor mode when we reissue the SVC, ATTACH processing always sets up the new TCB as though it was created by an authorized program. This will cause problems when the new TCB is dispatched. If the caller is not authorized we need to reset a flag bit that is passed to the second half to ATTACH processing. When the new TCB is dispatched the initial execution point is in the ATTACH SVC where a new save area is allocated before passing control to a special entry point in the program loader. The program loader checks this flag bit to know if the caller of ATTACH was authorized or not. Since we reissued the ATTACH SVC this bit is always set. Here we reset it to reflect the state of the caller of the original SVC.
SLR R1,R1 ZERO R1
ICM R1,B'0111',ATSTAIXT ANY STAI/ESTAI
BZ AUTH040 NO - SKIP
*
L R1,TCBSTAB POINT TO SCB CHAIN
AUTH035 DS 0H
ICM R1,B'0111',1(R1) POINT TO NEXT ENTRY
BZ AUTH040 EXIT IF SCB NOT FOUND
*
USING SCB,R1
*
CLC SCBEXIT+1(3),ATSTAIXT IS THIS OUR SCB ENTRY
BNE AUTH035 NO - TRY NEXT
*
NI SCBFLGS2,255-(SCBSUPER) TURN OFF SUPER BIT
AUTH040 DS 0H
We have one last thing to clean up before we can let the new TCB dispatch. If a STAEI/ESTAI was specified on the ATTACH we need to reset the supervisor mode bit in the STAE Control Block (SCB) if our caller was not authorized. Failre to properly set this bit could allow an unauthorized program to receive control in authorized mode when the ESTAE exit is called. If a STAEI/ESTAEI exit was specified on the ATTACH we loop through the SCB chain to locate the associated SCB and clear the SCBSUPER bit.
TM ATTCHLST+ATLSTSIZ,X'40' SHOULD WE LEAVE NON-DISP
BO AUTH050 YES - BRANCH
*
STATUS RESET,ND,(R11),(12)
AUTH050 DS 0H
Now unless the caller was authorized AND specified the new task should not dispatch we now issue the STATUS macro to reset the task dispatchability status. This will allow the newly created task to begin execution.
FREEEXIT DS 0H
DROP R11
USING TCB,R4
MODESET EXTKEY=RBT234,WORKREG=2 GET INTO CALLERS KEY
*
FREEMAIN R,LV=ATLSTSIZ,A=(R7),SP=229
*
SPKA 0 BACK TO KEY ZERO
Now all that is left is to clean up before exiting. First we use MODESET to get back into the caller’s key so we can FREEMAIN the work area we previously allocated with GETMAIN. We then go back to key zero.
LR R1,R11 SET TCB ADDRESS
LR R15,R12 SET ATTACH RC
SVCEXIT DS 0H
SPKA 0 GET INTO KEY ZERO
LR R14,8 RESTORE RETURN ADDRESS
BR R14
Before exiting we need to restore the return values for register 1 and 15 that were previously saved.
IKJTCB ,
IKJRB ,
IEZATTCH ,
IEZJSCB ,
IHASCB ,
The control block mapping macros and register equates (not shown here) complete the SVC 42 intercept code.
ATTACH EP=IFOX00,ECB=ECB
ST R1,PTRTCB SAVE TCB ADDRESS
WAIT 1,ECB=ECB
DETACH PTRTCB DETACH TCB
Now if we replace the LINK=IFOX00 to an ATTACH we can test the SVC 42 intercept logic.
JOB 6912 $HASP373 RUNSVX STARTED - INIT 12 - CLASS A - SYS TCS3
JOB 6912 20.04.34 0.00.00 0.00.00 0000 RUNSVX COMPRESS
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 IHARB
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 IKJRB
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 IEZXRB
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 IEZBITS
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 IKJTCB
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 TESTAUTH
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 IHBERMAC
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 WTO
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 IHBINNRA
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 DETACH
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 WAIT
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 ATTACH
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 IHBOPLST
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 GETMAIN
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 MODESET
JOB 6912 SVC 18 R0=00096C68 R1=FFF69718 SAVE
JOB 6912 20.04.34 0.00.00 0.00.00 0000 RUNSVX ASM
JOB 6912 20.04.34 0.00.00 0.00.00 0000 RUNSVX ########
JOB 6912 $HASP395 RUNSVX ENDED
Upon execution we see that SVC 42 was intercepted and SVC screening was propagated since we are still intercepting the FIND SVC calls.