SVC screening provides a way of screening (or intercepting) SVC calls at the task level.\u00a0 A SVC screen table is created and the address is placed in a TCB.\u00a0 Any SVC calls from that task that are marked for screening will be intercepted.\u00a0 Control is passed to the screen routine from the SVC interrupt handler in exactly the same way SVC routines are invoked.<\/p>\n
There are several implications of SVC screening.\u00a0 First we can easily test new SVC code without the need to IPL and perfrom a CLPA or MLPA.\u00a0 Also the SVC code is only active for tasks were the screening is activated.\u00a0 With SVC screening we can test a new SVC routine or replace an existing SVC routine.\u00a0 This applies to both user and system SVC routines.\u00a0 It also provides a method to front-end SVC calls.<\/p>\n
There are two fields in the TCB related to SVC screening.\u00a0 TCBSVCS is a bit in the TCBFLGS7 field that indicates SVC screening is active if set to one or inactive if set to zero.\u00a0 TCBSVCA2 is the pointer to the SVC screen table.\u00a0 The screen table is 264 bytes long.\u00a0 The first four bytes are the address of the SVC intercept routine that receives control when a screened SVC is invoked by the task.\u00a0 The next four bytes\u00a0 are flags that indicate the attributes of the SVC routine.\u00a0 The first flag byte indicates the SVC type (X’00’ – Type 1, X’80’ – Type 1, X’C0′ – Type 3\/4)\u00a0 The second flag byte is not used and should be binary zeros.\u00a0 The third and fourth flag bytes indicate the locks to be obtained before passing control to the SVC routine.\u00a0 Binary zeros indicate no locks are to be obtained.\u00a0 The next 256 bytes indicate which SVC numbers should be intercepted.\u00a0 Each byte is a flag for a SVC number.\u00a0 If the byte is set to X’80’ then the SVC is not to be intercepted.\u00a0 If they byte is set to X’00’ then the SVC should be intercepted.\u00a0\u00a0 The SVC type and locks flags apply to all intercepted SVC numbers.<\/p>\n
We now have enough information to write some code to test SVC screening.<\/p>\n
SVC02 CSECT , \r\n SAVE (14,12),,SVC02 SAVE CALLERS REGISTERS \r\n* \r\n LR R12,R15 ESTABLISH \r\n USING SVC02,R12 BASE REGISTER \r\n* \r\n LA R1,SAVEA CHAIN \r\n ST R1,8(,R13) NEW \r\n ST R13,4(,R1) SAVE \r\n LR R13,R1 AREA \r\n*<\/pre>\nWe start with our standard program linkage.<\/p>\n
LA R1,=C'AUTH' GET APF AUTHORIZATION \r\n SVC 245 \r\n* \r\n MODESET MODE=SUP GET INTO SUPERVISOR MODE \r\n* \r\n LA R1,0 RESET APF AUTHORIZATION \r\n SVC 245<\/pre>\nNext we obtain APF authorization using the SVC I have installed on my system for testing. You could also run from an APF authorized library. Once APF authorized the MODESET macro is used to swap into supervisor mode and then I clear the APF authorization. This is not really necessary and it shouldnt be necessary to reset it.<\/p>\n
IPK , GET PSW PROTECT KEY \r\n LR R11,R2 SAVE PK IN R11 \r\n* \r\n SPKA 0 GET INTO KEY ZERO<\/pre>\nNext I save the current protect key from the PSW using the IPK instruction. The protect key is placed into register 2 so I copy it to register 11 to save it. I then use the SPKA instruction to get into protect key zero.<\/p>\n
GETMAIN R,LV=264,SP=253<\/pre>\nNow we getmain some stroage for our SVC screen table. I use subpool 253 which is Fixed LSQA. This storage is task related and will automaticaly be freed when the task terminates. The storage is not fetch protected and is in key zero.<\/p>\n
LR R3,R1 SAVE STORAGE ADDRESS \r\n XC 0(8,R3),0(R3) CLEAR FIRST 8 BYTES \r\n LA R1,SVCINT ADDRESS OF SVC INTERCEPT RTN \r\n ST R1,0(,R3) SAVE INTO PARMAMETER BLOCK \r\n MVI 4(R3),X'C0' INDICATE TYPE 3\/4 SVC<\/pre>\nThe address of the LSQA storage is copied into register 3 and the first 8 bytes are zeroed out. The address of the routine to receive control from the SVC interrupt handler is placed in the first four bytes. The first flag byte is set to X’C0′ to indicate a Type 3\/4 SVC. The lock flags are zero indicating no locks should be obtained.<\/p>\n
LA R2,8(,R3) POINT TO 256 BYTE SVC LIST \r\n LA R1,256 \r\nINITLOOP DS 0H \r\n MVI 0(R2),X'80' INITIALIZE TO DO NOT INTERCEPT\r\n LA R2,1(,R2) NEXT BYTE \r\n BCT R1,INITLOOP LOOP BACK<\/pre>\nNow we initialize the 256 byte list. Each byte in the list represents one SVC number. The first byte is for SVC 0, the next for SVC 1 and so on. We set each to a value of X’80’ so the SVC is not intercepted.<\/p>\n
* \r\n LA R2,8(,R3) POINT TO 256 BYTE SVC LIST\r\n MVI 230(R2),X'00' INTERCEPT SVC 230 \r\n *<\/pre>\nNow we indicate which SVC requests should be intercepted by setting the corresponding byte to X’00’. I chose to use SVC 230 because it is currently unused on my system. I does not matter how the SVC is defined in the SYSGEN since it is ignored for SVC screening.\u00a0 Caution should be used to not accidently intercept a SVC that is currently in use on your system.<\/p>\n
* \r\n L R2,16 CVT \r\n L R2,0(,R2) OLD\/NEW POINTER \r\n L R2,4(,R2) TCB ADDRESS \r\n USING TCB,R2 \r\n* \r\n ST R3,TCBSVCA2 STORE SCREEN TABLE ADDRESS INTO TCB\r\n OI TCBFLGS7,TCBSVCS TURN ON SVC SCREENING<\/pre>\nNow we locate the address of our current TCB and store the address of the screen table into the TCBSVCA2 field.\u00a0 Next we set the TCBSVCS bit to activate screening.<\/p>\n
SPKA 0(R11) RESTORE PROTECT KEY \r\n* \r\n SVC 230 SHOULD BE CAPTURED BY SVC SCREENING<\/pre>\nNow we can restore our PSW protect key.\u00a0 It is always a good idea to only operate in key zero only when necessary.\u00a0 Now we issue SVC 230 to test our SVC screening intercept.<\/p>\n
L R13,4(,R13) UNCHAIN SAVE AREA \r\n LM R14,R12,12(R13) RESTORE CALLERS REGISTERS \r\n SLR R15,R15 ZERO RC \r\n BR R14 RETURN TO CALLER<\/pre>\nNow we can exit back to the caller.<\/p>\n
SVCINT DS 0H \r\n USING SVCINT,R6 SET BASE REGISTER \r\n* \r\n LR R11,R14 SAVE RETURN ADDRESS \r\n* \r\n WTO 'HELLO FROM SVC SCREEN ROUTINE',ROUTCDE=(1,11)\r\n* \r\n LR R14,R11 RESTORE RETURN ADDRESS \r\n BR R14 EXIT SVC ROUTINE<\/pre>\nHere is our SVC intercept routine.\u00a0 The register contents are standard for a SVC routine.\u00a0 We use register 6 as our base register.\u00a0 The return address is saved in register 11.\u00a0 All our SVC routine does is issue a WTO to write a message to the console.\u00a0 Since we defined our SVC intercept as a Type 3\/4 our SVC routine can issue SVC calls.\u00a0 We then exit back to our caller.<\/p>\n
SAVEA DS 18F REGISTER SAVE AREA\r\n* \r\n LTORG , \r\n* \r\n PRINT NOGEN \r\n IKJTCB DSECT=YES,LIST=NO \r\n* \r\nR0 EQU 0 \r\nR1 EQU 1 \r\nR2 EQU 2 \r\nR3 EQU 3 \r\nR4 EQU 4 \r\nR5 EQU 5 \r\nR6 EQU 6 \r\nR7 EQU 7 \r\nR8 EQU 8 \r\nR9 EQU 9 \r\nR10 EQU 10 \r\nR11 EQU 11 \r\nR12 EQU 12 \r\nR13 EQU 13 \r\nR14 EQU 14 \r\nR15 EQU 15 \r\n* \r\n END ,<\/pre>\nWe finish up with our data areas and register equates.<\/p>\n
JOB 6828 $HASP373 SVC02 STARTED - INIT 12 - CLASS A - SYS TCS3 \r\nJOB 6828 HELLO FROM SVC SCREEN ROUTINE \r\nJOB 6828 9.21.07 0.00.00 0.00.00 0000 SVC02 MVSSP \r\nJOB 6828 9.21.07 0.00.00 0.00.00 0000 SVC02 ######## \r\nJOB 6828 $HASP395 SVC02 ENDED<\/pre>\nNow we can assemble, link edit, and execute and we get our message. We have successfully intercepted SVC 230.<\/p>\n
* OI TCBFLGS7,TCBSVCS TURN ON SVC SCREENING<\/pre>\nJust to prove that we are really intercepting a SVC call I commented out the line that sets the TCBSVCS bit so that SVC screening is not active.\u00a0 Upon assembling, link editing, and executing we get:<\/p>\n
JOB 6831 $HASP100 SVC02 ON INTRDR RUN TEST PGM \r\nJOB 6831 $HASP373 SVC02 STARTED - INIT 12 - CLASS A - SYS TCS3\r\nJOB 6831 IEF450I SVC02 MVSSP - ABEND SFE6 U0000 - TIME=08.23.57 \r\nJOB 6831 8.23.57 0.00.00 0.00.00 SFE6 SVC02 MVSSP \r\nJOB 6831 8.23.57 0.00.00 0.00.00 SFE6 SVC02 ######## \r\nJOB 6831 $HASP395 SVC02 ENDED<\/pre>\nA System ABEND FE6 indicates that SVC X’F6′ (230 decimal) was called but the SVC routine is not installed.<\/p>\n","protected":false},"excerpt":{"rendered":"
SVC screening provides a way of screening (or intercepting) SVC calls at the task level.\u00a0 A SVC screen table is created and the address is placed in a TCB.\u00a0 Any SVC calls from that task that are marked for screening will be intercepted.\u00a0 Control is passed to the screen routine from the SVC interrupt handler …<\/p>\n