SlideShare a Scribd company logo

Storage Protection Education

D
Daniel FitzGerald
1 of 21
Download to read offline
© 2004 IBM Corporation IBM Systems and Technology Group 1 z/VM CP Storage Management Education Series Storage Protection on z/Architecture A Brief Primer Dan FitzGerald Friday, October 16, 2009 (Revision 2)
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series2 Outline  Concept Review  Background  Key-Controlled Protection  Access-List-Controlled Protection  Page Protection  Low-Address Protection  Suppression on Protection
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series3 Concept Review  In this portion of the presentation, we will reintroduce concepts that will come up in our discussion on storage protection mechanisms.  Most of this information is available from the z/Architecture Principles of Operation, Chapter 3.  We will present this information as a series of definitions. This is intended to be a fast reference/review only, so please consult the Principles of Operation or your Connections Coach if you have any questions.
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series4 Concept Review  Dynamic Address Translation (DAT) – The process via which we handle virtual memory  Program Status Word (PSW) – Contains information used in the execution of the currently active program  Access Registers – A special set of 16 registers, one for each general purpose register. For use with AR Mode  AR Mode – Uses the access registers when doing base displacement addressing Determined by bits 16 and 17 of the PSW
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series5 Concept Review  There are four different types of addresses that we will encounter in z/Architecture. They are known as “absolute”, “real”, “virtual” and “logical.” Additionally, we will hear about “effective” addresses.  Absolute Address – The address assigned to a main storage location These are the unmodified, “actual” addresses of bytes in storage.  Real Address – Identifies a location in real storage When a real address is used for an access into main storage, prefixing may be used to convert it into an absolute address
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series6 Concept Review  Virtual Address – Identifies a location in virtual storage When a virtual address is used for an access to main storage, it is translated by means of dynamic address translation (DAT) to a real address, which is then prefixed to an absolute address.  Logical Address – Your addresses are translated within whatever mode the architecture is set to In z/Architecture, a specific address mode can be set. For example, your machine may be set to “real address mode”. In this case, your logical addresses will be treated as real addresses. Unless otherwise specified, the storage-operand addresses for most instructions are logical addresses.
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series7 Concept Review  Effective Address – The address which exists before any transformation by dynamic address translation or any prefixing is performed  Instruction Address – Addresses used to fetch instructions from storage
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series8 Background  z/Architecture has four means of protecting the contents of main storage from tampering by either malicious or errant programs Key-controlled protection Access-list-controlled protection Page protection Low-address protection  These are used in conjunction with (not exclusive of) one another.
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series9 Background  A storage key is associated with each 4K block of storage on the system:  ACC – Access-Control Bits These are matched with a four bit access key when information is stored and when information is fetched from a location that is protected against fetching.  F – Fetch-Protection Bit Controls whether key-controlled protection applies to fetch-type references
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series10 Background  F – Fetch-Protection Bit (cont'd.) A zero indicates that only store-type references are monitored and that fetching with any access key is permitted. A one indicates that key-controlled protection applies to both fetching and storing.  R – Reference Bit Whenever the associated storage block is referenced, this is set to one.  C – Change Bit Each time the associated storage block (always a page or a frame on z/VM) is modified, this is set to one.  Note that storage keys are not part of addressable storage In z/VM, these are analogous to the guest storage keys found in the PGSTE block associated with a given page table entry
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series11 Key-Controlled Protection  So just what is an “access key”, anyway? Well, its a key. To store or fetch to a protected page, the access key must either match the storage key, or be set to zero.  What constitutes an access key differs depending on the manner of access: Access to storage initiated by the CPU Access to storage for the purpose of channel-program execution Access to the measurement block for channel-subsystem monitoring  Additionally, depending on the type of access, different things happen should protection prohibit the action.
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series12 Key-Controlled Protection  Access to storage initiated by the CPU Access Key - can be found in the PSW key (bits 8-11 of the PSW) Prohibitive Action – execution of the instruction is terminated and a protection exception is issued (this is a program interrupt)  Access to storage for the purpose of channel-program execution Access Key - the subchannel key associated with the calling channel program. On z/VM, this can be found in bit 4 of the operation request block (ORBLK). Prohibitive Action – the start function is ended and the protection check bit in the associated interruption response block (IRB) is set to one.
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series13 Key-Controlled Protection  Access to the measurement block for channel-subsystem monitoring Access Key - an access to the measurement block is made; use the measurement block key Prohibitive Action – the I/O measurement-block protection check condition is set to one  In general, when a store is prohibited because of a protection lock violation, the contents of the target location remain unchanged.  When a fetch request causes the violation, the protected data is left unchanged in storage.
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series14 Key-Controlled Protection  Here's an odd case: As you know, on program load, your entire program is loaded from disk and into storage. Suppose that the key for a page of your program got changed... Yes, it is possible for an instruction fetch to violate key protection. This is generally bad. For a prohibited instruction fetch, the instruction is suppressed and an arbitrary instruction-length code is returned.  Key-controlled protection does not apply when the storage- protection control bit is one and the value of the access control bits is 9.  There are two override controls: Storage-Protection Override Fetch-Protection Override
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series15 Key-Controlled Protection  Storage-Protection Override Control – When active, key- controlled storage protection is ignored for storage locations having an associated storage-key value of 9. Bit 39 of Control Register 0 Applies to instruction fetch and to the fetch and store accesses of instructions whose operand addresses are logical, virtual or real.  Fetch-Protection Override Control – When active, fetch protection is ignored for locations at effective addresses 0- 2047 Bit 38 of Control Register 0 Fetch Protection is not ignored if the effective address is subject to DAT and the private-space control is active (Bit 55 of the address- space-control element).
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series16 Key-Controlled Protection  Fetch-Protection Override Control (cont'd.) This applies to instruction fetch and the fetch accesses of instructions whose operand addresses are logical, virtual or real. It does not apply to fetch accesses made for the purpose of channel- subsystem monitoring.
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series17 Access-List-Controlled Protection  In AR mode, the fetch-only bit (bit 6 of the access-list entry) controls which types of references are allowed into the specified address space. When the fetch-only bit is zero, both fetches and stores are permitted When the bit is one, only fetches are allowed. Any attempt to store causes a protection exception (an interrupt) to be issued and the execution of the instruction will be suppressed.
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series18 Page Protection  The page protection facility controls access to virtual storage via the page-protection bit in each page-table and segment- table entry.  Bit 54 of the page table entry  Controls whether storing into a given page is permitted When zero, both fetching and storing are permitted When one, only fetching is permitted  When an attempt to store violates page protection, the contents of the page remain unchanged, the operation/instruction is suppressed and an protection exception (interruption) is issued.
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series19 Page Protection  The page protection bit of the segment-table entry is treated as being OR'd into the page-protection bit position of each entry of the page table designated by the segment-table entry.  In effect, when the page-protection bit of the segment table entry is one, it has the same effect as having the page- protection bit in each entry of the designated page table.
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series20 Low-Address Protection  Protects against the destruction of main-storage information used by the CPU during interruption processing.  Controlled by bit 53 of Control Register 0  Instructions are prohibited from storing with effective addresses in the ranges 0-511 and 4096-4607 These are the first 512 bytes of each of the first two 4K pages  Low-address protection does not apply if the address-space- control element to be used is not available due to another type of exception.  This protection is not applied to access made by the CPU or the channel subsystem for such sequences as interruptions.
IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series21 Suppression on Protection  In layman's terms, when we suppress an instruction we present the generated exception to the calling program and ignore the instruction.  When is an operation suppressed? Some instruction definitions specify that the operation is always suppressed if any sort of protection exception is generated. Otherwise, we will always suppress an instruction if a protection exception due to access-list controlled protection or page protection is recognized.  The suppression function allows the control program to locate the segment-table entry and page-table entry used in the translation of a virtual address that caused a protection exception, in order to determine if the exception was due to page protection. The CP also has the ability to avoid this if the address was not virtual or due to access-list-controlled protection.

Recommended

Prefixing Education
Prefixing EducationPrefixing Education
Prefixing Education
Daniel FitzGerald
 
APLICACIONES LED DE USO INDUSTRIAL
APLICACIONES LED DE USO INDUSTRIALAPLICACIONES LED DE USO INDUSTRIAL
APLICACIONES LED DE USO INDUSTRIAL
Sonaray Perú Iluminación Led Para Industrias
 
Myths and realities about designing high availability data centers
Myths and realities about designing high availability data centersMyths and realities about designing high availability data centers
Myths and realities about designing high availability data centers
Morrison Hershfield
 
أحدث صيانة وايت وستنجهاوس
أحدث صيانة وايت وستنجهاوس أحدث صيانة وايت وستنجهاوس
أحدث صيانة وايت وستنجهاوس
Nona1989
 
Shutter speeds and apertures for tes
Shutter speeds and apertures for tesShutter speeds and apertures for tes
Shutter speeds and apertures for tes
Ian Moss
 
Industria iraultza sarea
Industria iraultza sareaIndustria iraultza sarea
Industria iraultza sarea
maisuborja
 
04 empalis -ibm_spectrum_protect_-_strategy_and_directions
04 empalis -ibm_spectrum_protect_-_strategy_and_directions04 empalis -ibm_spectrum_protect_-_strategy_and_directions
04 empalis -ibm_spectrum_protect_-_strategy_and_directions
xKinAnx
 
z/OS Encryption Readiness Technology (zERT)
z/OS Encryption Readiness Technology (zERT) z/OS Encryption Readiness Technology (zERT)
z/OS Encryption Readiness Technology (zERT)
zOSCommserver
 

Recommended

Prefixing Education
Prefixing EducationPrefixing Education
Prefixing Education
Daniel FitzGerald
 
APLICACIONES LED DE USO INDUSTRIAL
APLICACIONES LED DE USO INDUSTRIALAPLICACIONES LED DE USO INDUSTRIAL
APLICACIONES LED DE USO INDUSTRIAL
Sonaray Perú Iluminación Led Para Industrias
 
Myths and realities about designing high availability data centers
Myths and realities about designing high availability data centersMyths and realities about designing high availability data centers
Myths and realities about designing high availability data centers
Morrison Hershfield
 
أحدث صيانة وايت وستنجهاوس
أحدث صيانة وايت وستنجهاوس أحدث صيانة وايت وستنجهاوس
أحدث صيانة وايت وستنجهاوس
Nona1989
 
Shutter speeds and apertures for tes
Shutter speeds and apertures for tesShutter speeds and apertures for tes
Shutter speeds and apertures for tes
Ian Moss
 
Industria iraultza sarea
Industria iraultza sareaIndustria iraultza sarea
Industria iraultza sarea
maisuborja
 
04 empalis -ibm_spectrum_protect_-_strategy_and_directions
04 empalis -ibm_spectrum_protect_-_strategy_and_directions04 empalis -ibm_spectrum_protect_-_strategy_and_directions
04 empalis -ibm_spectrum_protect_-_strategy_and_directions
xKinAnx
 
z/OS Encryption Readiness Technology (zERT)
z/OS Encryption Readiness Technology (zERT) z/OS Encryption Readiness Technology (zERT)
z/OS Encryption Readiness Technology (zERT)
zOSCommserver
 
DAT Education
DAT EducationDAT Education
DAT Education
Daniel FitzGerald
 
IBM Cloud Storage Options
IBM Cloud Storage OptionsIBM Cloud Storage Options
IBM Cloud Storage Options
Tony Pearson
 
IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18
IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18
IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18
Pawel Maczka
 
AmitFru_OpenSource_SMB_Compliance_Test_Suite
AmitFru_OpenSource_SMB_Compliance_Test_SuiteAmitFru_OpenSource_SMB_Compliance_Test_Suite
AmitFru_OpenSource_SMB_Compliance_Test_Suite
Yogesh Kulkarni
 
Emc vi pr controller tecnical customer presentation
Emc vi pr controller tecnical customer presentationEmc vi pr controller tecnical customer presentation
Emc vi pr controller tecnical customer presentation
xKinAnx
 
Address Spaces Education
Address Spaces EducationAddress Spaces Education
Address Spaces Education
Daniel FitzGerald
 
EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...
EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...
EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...
Principled Technologies
 
The Future of Storage : EMC Software Defined Solution
The Future of Storage : EMC Software Defined Solution The Future of Storage : EMC Software Defined Solution
The Future of Storage : EMC Software Defined Solution
RSD
 
Emc storag
Emc storagEmc storag
Emc storag
Mahamudul Hassan
 
System Z operating system
System Z operating systemSystem Z operating system
System Z operating system
Arpana shree
 
Sklm webinar
Sklm webinarSklm webinar
Sklm webinar
Luigi Perrone
 
Emc vplex deep dive
Emc vplex deep diveEmc vplex deep dive
Emc vplex deep dive
solarisyougood
 
Xiv 4Q13
Xiv 4Q13Xiv 4Q13
Xiv 4Q13
Jinesh Shah
 
Blbs sb-bloombase-turnkey-data-at-rest-security-compliance-solution-for-emc-v...
Blbs sb-bloombase-turnkey-data-at-rest-security-compliance-solution-for-emc-v...Blbs sb-bloombase-turnkey-data-at-rest-security-compliance-solution-for-emc-v...
Blbs sb-bloombase-turnkey-data-at-rest-security-compliance-solution-for-emc-v...
Bloombase
 
Emc vi pr controller customer presentation
Emc vi pr controller customer presentationEmc vi pr controller customer presentation
Emc vi pr controller customer presentation
solarisyougood
 
Emc vipr srm workshop
Emc vipr srm workshopEmc vipr srm workshop
Emc vipr srm workshop
solarisyougood
 
Automating security hardening
Automating security hardeningAutomating security hardening
Automating security hardening
Ugljesa Novak, CISSP
 
IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14
blusmurfydot1
 
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
FFRI, Inc.
 
Speed Up Synchronization Locks: How and Why?
Speed Up Synchronization Locks: How and Why?Speed Up Synchronization Locks: How and Why?
Speed Up Synchronization Locks: How and Why?
psteinb
 

More Related Content

Similar to Storage Protection Education

IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18
IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18
IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18
Pawel Maczka
 
AmitFru_OpenSource_SMB_Compliance_Test_Suite
AmitFru_OpenSource_SMB_Compliance_Test_SuiteAmitFru_OpenSource_SMB_Compliance_Test_Suite
AmitFru_OpenSource_SMB_Compliance_Test_Suite
Yogesh Kulkarni
 
EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...
EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...
EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...
Principled Technologies
 
IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14
blusmurfydot1
 

Similar to Storage Protection Education (20)

DAT Education
DAT EducationDAT Education
DAT Education
 
IBM Cloud Storage Options
IBM Cloud Storage OptionsIBM Cloud Storage Options
IBM Cloud Storage Options
 
IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18
IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18
IBM Spectrum Protect and IBM Spectrum Protect Plus - What's new! June '18
 
AmitFru_OpenSource_SMB_Compliance_Test_Suite
AmitFru_OpenSource_SMB_Compliance_Test_SuiteAmitFru_OpenSource_SMB_Compliance_Test_Suite
AmitFru_OpenSource_SMB_Compliance_Test_Suite
 
Emc vi pr controller tecnical customer presentation
Emc vi pr controller tecnical customer presentationEmc vi pr controller tecnical customer presentation
Emc vi pr controller tecnical customer presentation
 
Address Spaces Education
Address Spaces EducationAddress Spaces Education
Address Spaces Education
 
EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...
EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...
EMC XtremIO storage array 4.0 and VMware vSphere 6.0: Scaling mixed-database ...
 
The Future of Storage : EMC Software Defined Solution
The Future of Storage : EMC Software Defined Solution The Future of Storage : EMC Software Defined Solution
The Future of Storage : EMC Software Defined Solution
 
Emc storag
Emc storagEmc storag
Emc storag
 
System Z operating system
System Z operating systemSystem Z operating system
System Z operating system
 
Sklm webinar
Sklm webinarSklm webinar
Sklm webinar
 
Emc vplex deep dive
Emc vplex deep diveEmc vplex deep dive
Emc vplex deep dive
 
Xiv 4Q13
Xiv 4Q13Xiv 4Q13
Xiv 4Q13
 
Blbs sb-bloombase-turnkey-data-at-rest-security-compliance-solution-for-emc-v...
Blbs sb-bloombase-turnkey-data-at-rest-security-compliance-solution-for-emc-v...Blbs sb-bloombase-turnkey-data-at-rest-security-compliance-solution-for-emc-v...
Blbs sb-bloombase-turnkey-data-at-rest-security-compliance-solution-for-emc-v...
 
Emc vi pr controller customer presentation
Emc vi pr controller customer presentationEmc vi pr controller customer presentation
Emc vi pr controller customer presentation
 
Emc vipr srm workshop
Emc vipr srm workshopEmc vipr srm workshop
Emc vipr srm workshop
 
Automating security hardening
Automating security hardeningAutomating security hardening
Automating security hardening
 
IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14
 
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
 
Speed Up Synchronization Locks: How and Why?
Speed Up Synchronization Locks: How and Why?Speed Up Synchronization Locks: How and Why?
Speed Up Synchronization Locks: How and Why?
 

Storage Protection Education

  • 1. © 2004 IBM Corporation IBM Systems and Technology Group 1 z/VM CP Storage Management Education Series Storage Protection on z/Architecture A Brief Primer Dan FitzGerald Friday, October 16, 2009 (Revision 2)
  • 2. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series2 Outline  Concept Review  Background  Key-Controlled Protection  Access-List-Controlled Protection  Page Protection  Low-Address Protection  Suppression on Protection
  • 3. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series3 Concept Review  In this portion of the presentation, we will reintroduce concepts that will come up in our discussion on storage protection mechanisms.  Most of this information is available from the z/Architecture Principles of Operation, Chapter 3.  We will present this information as a series of definitions. This is intended to be a fast reference/review only, so please consult the Principles of Operation or your Connections Coach if you have any questions.
  • 4. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series4 Concept Review  Dynamic Address Translation (DAT) – The process via which we handle virtual memory  Program Status Word (PSW) – Contains information used in the execution of the currently active program  Access Registers – A special set of 16 registers, one for each general purpose register. For use with AR Mode  AR Mode – Uses the access registers when doing base displacement addressing Determined by bits 16 and 17 of the PSW
  • 5. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series5 Concept Review  There are four different types of addresses that we will encounter in z/Architecture. They are known as “absolute”, “real”, “virtual” and “logical.” Additionally, we will hear about “effective” addresses.  Absolute Address – The address assigned to a main storage location These are the unmodified, “actual” addresses of bytes in storage.  Real Address – Identifies a location in real storage When a real address is used for an access into main storage, prefixing may be used to convert it into an absolute address
  • 6. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series6 Concept Review  Virtual Address – Identifies a location in virtual storage When a virtual address is used for an access to main storage, it is translated by means of dynamic address translation (DAT) to a real address, which is then prefixed to an absolute address.  Logical Address – Your addresses are translated within whatever mode the architecture is set to In z/Architecture, a specific address mode can be set. For example, your machine may be set to “real address mode”. In this case, your logical addresses will be treated as real addresses. Unless otherwise specified, the storage-operand addresses for most instructions are logical addresses.
  • 7. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series7 Concept Review  Effective Address – The address which exists before any transformation by dynamic address translation or any prefixing is performed  Instruction Address – Addresses used to fetch instructions from storage
  • 8. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series8 Background  z/Architecture has four means of protecting the contents of main storage from tampering by either malicious or errant programs Key-controlled protection Access-list-controlled protection Page protection Low-address protection  These are used in conjunction with (not exclusive of) one another.
  • 9. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series9 Background  A storage key is associated with each 4K block of storage on the system:  ACC – Access-Control Bits These are matched with a four bit access key when information is stored and when information is fetched from a location that is protected against fetching.  F – Fetch-Protection Bit Controls whether key-controlled protection applies to fetch-type references
  • 10. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series10 Background  F – Fetch-Protection Bit (cont'd.) A zero indicates that only store-type references are monitored and that fetching with any access key is permitted. A one indicates that key-controlled protection applies to both fetching and storing.  R – Reference Bit Whenever the associated storage block is referenced, this is set to one.  C – Change Bit Each time the associated storage block (always a page or a frame on z/VM) is modified, this is set to one.  Note that storage keys are not part of addressable storage In z/VM, these are analogous to the guest storage keys found in the PGSTE block associated with a given page table entry
  • 11. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series11 Key-Controlled Protection  So just what is an “access key”, anyway? Well, its a key. To store or fetch to a protected page, the access key must either match the storage key, or be set to zero.  What constitutes an access key differs depending on the manner of access: Access to storage initiated by the CPU Access to storage for the purpose of channel-program execution Access to the measurement block for channel-subsystem monitoring  Additionally, depending on the type of access, different things happen should protection prohibit the action.
  • 12. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series12 Key-Controlled Protection  Access to storage initiated by the CPU Access Key - can be found in the PSW key (bits 8-11 of the PSW) Prohibitive Action – execution of the instruction is terminated and a protection exception is issued (this is a program interrupt)  Access to storage for the purpose of channel-program execution Access Key - the subchannel key associated with the calling channel program. On z/VM, this can be found in bit 4 of the operation request block (ORBLK). Prohibitive Action – the start function is ended and the protection check bit in the associated interruption response block (IRB) is set to one.
  • 13. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series13 Key-Controlled Protection  Access to the measurement block for channel-subsystem monitoring Access Key - an access to the measurement block is made; use the measurement block key Prohibitive Action – the I/O measurement-block protection check condition is set to one  In general, when a store is prohibited because of a protection lock violation, the contents of the target location remain unchanged.  When a fetch request causes the violation, the protected data is left unchanged in storage.
  • 14. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series14 Key-Controlled Protection  Here's an odd case: As you know, on program load, your entire program is loaded from disk and into storage. Suppose that the key for a page of your program got changed... Yes, it is possible for an instruction fetch to violate key protection. This is generally bad. For a prohibited instruction fetch, the instruction is suppressed and an arbitrary instruction-length code is returned.  Key-controlled protection does not apply when the storage- protection control bit is one and the value of the access control bits is 9.  There are two override controls: Storage-Protection Override Fetch-Protection Override
  • 15. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series15 Key-Controlled Protection  Storage-Protection Override Control – When active, key- controlled storage protection is ignored for storage locations having an associated storage-key value of 9. Bit 39 of Control Register 0 Applies to instruction fetch and to the fetch and store accesses of instructions whose operand addresses are logical, virtual or real.  Fetch-Protection Override Control – When active, fetch protection is ignored for locations at effective addresses 0- 2047 Bit 38 of Control Register 0 Fetch Protection is not ignored if the effective address is subject to DAT and the private-space control is active (Bit 55 of the address- space-control element).
  • 16. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series16 Key-Controlled Protection  Fetch-Protection Override Control (cont'd.) This applies to instruction fetch and the fetch accesses of instructions whose operand addresses are logical, virtual or real. It does not apply to fetch accesses made for the purpose of channel- subsystem monitoring.
  • 17. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series17 Access-List-Controlled Protection  In AR mode, the fetch-only bit (bit 6 of the access-list entry) controls which types of references are allowed into the specified address space. When the fetch-only bit is zero, both fetches and stores are permitted When the bit is one, only fetches are allowed. Any attempt to store causes a protection exception (an interrupt) to be issued and the execution of the instruction will be suppressed.
  • 18. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series18 Page Protection  The page protection facility controls access to virtual storage via the page-protection bit in each page-table and segment- table entry.  Bit 54 of the page table entry  Controls whether storing into a given page is permitted When zero, both fetching and storing are permitted When one, only fetching is permitted  When an attempt to store violates page protection, the contents of the page remain unchanged, the operation/instruction is suppressed and an protection exception (interruption) is issued.
  • 19. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series19 Page Protection  The page protection bit of the segment-table entry is treated as being OR'd into the page-protection bit position of each entry of the page table designated by the segment-table entry.  In effect, when the page-protection bit of the segment table entry is one, it has the same effect as having the page- protection bit in each entry of the designated page table.
  • 20. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series20 Low-Address Protection  Protects against the destruction of main-storage information used by the CPU during interruption processing.  Controlled by bit 53 of Control Register 0  Instructions are prohibited from storing with effective addresses in the ranges 0-511 and 4096-4607 These are the first 512 bytes of each of the first two 4K pages  Low-address protection does not apply if the address-space- control element to be used is not available due to another type of exception.  This protection is not applied to access made by the CPU or the channel subsystem for such sequences as interruptions.
  • 21. IBM Systems and Technology Group © 2004 IBM Corporation 04/27/15 z/VM CP Storage Management Education Series21 Suppression on Protection  In layman's terms, when we suppress an instruction we present the generated exception to the calling program and ignore the instruction.  When is an operation suppressed? Some instruction definitions specify that the operation is always suppressed if any sort of protection exception is generated. Otherwise, we will always suppress an instruction if a protection exception due to access-list controlled protection or page protection is recognized.  The suppression function allows the control program to locate the segment-table entry and page-table entry used in the translation of a virtual address that caused a protection exception, in order to determine if the exception was due to page protection. The CP also has the ability to avoid this if the address was not virtual or due to access-list-controlled protection.