RE: [MI400] using _pcoptr proc. was: Attention Users of *SYSTEM State

["Steve Richter" <srichter@xxxxxxxxxxxxx>]

-----Original Message-----
From: mi400-bounces@xxxxxxxxxxxx [mailto:mi400-bounces@xxxxxxxxxxxx]On
Behalf Of Dave McKenzie
Sent: Thursday, March 10, 2005 3:57 PM
To: MI Programming on the AS400 / iSeries
Subject: Re: [MI400] using _pcoptr proc. was: Attention Users of *SYSTEM
State


Walden H. Leverich wrote:
> Steve said:
>>Actually, I still dont understand the system state thing.
>
>> Steve, I think the state/domain rules apply when you're using MI to
>> manipulate things. The opcodes check that you've got the appropriate
>> "rights" and either allow the operation or throw an exception. In your
>> case you're below the MI, I don't think you'll be constrained by those
>> restrictions.

>No, actually, hardware storage protection is a function of the PowerPC
>processor (thus "hardware") and exists at all levels.  There are two
>protection bits for each 4K page of memory that control what access
>(read or write) is allowed in user/system state and problem/privileged
>state.

see Walden!  Our system is unexploitable.

the higher level language compiler does add a level of protection to the
mix. In an RPG program, you cannot reference any bytes of the space prior to
the useable portion.

>I looked at the address of a *usrspc, and the codes were 2, meaning
>reads and writes were allowed in all states.  That's because protection
>is at the 4K page level, and the usable part of a *usrspc starts at
>offset x200 (which is in the first page of the *usrspc, right after the
>header Steve modified).  Since user state pgms are allowed to write to
>*usrspc's, the first page has to be unprotected.  In some future
>release, IBM could change the usable part to start at x1000 (the second
>page) and protect the first page, thus foiling Steve's exploit.

Does that mean I could change the object type of a user space to *pgm?

-Steve