公开(公告)号：DE3854616T2

公开(公告)日：1996-06-13

申请号：DE3854616

申请日：1988-12-12

Applicant: IBM

Inventor： BAUM RICHARD IRWIN ,  BORDEN TERRY LEE ,  BUTWELL JUSTIN RALPH ,  CLARK CARL EDWARD ,  GANEK ALAN GEORGE ,  LUM JAMES ,  MALL MICHAEL GERARD ,  PAGE DAVID RICHARD ,  PLAMBECK KENNETH ERNST ,  SCALZI CASPER ANTHONY ,  SCHMALZ RICHARD JOHN

IPC: G06F12/08 ,  G06F9/46 ,  G06F12/10 ,  G06F12/14 ,  G06F21/24 ,  G06F12/02

Abstract: A program authorization mechanism for authorizing access to an address space in the main memory of a computer system by a program being run under a multiple address space facility. An access-list entry is associated with each address space, each access-list entry being designated by an access-list-entry token contained in an access register. Each access-list entry includes a private indicator which indicates if the associated address space can be accessed by all programs from this access-list entry or if the associatd address space can only be accessed by an authorized program. For a program to be authorized, an extended authorization index in a control register must match an access-list extended authorization index in the access-list entry, or the extended authorization index value must be authorized in an authority table associated with the address space. An instruction for testing a given extended authorization index for a given access-list-entry is also disclosed.

公开(公告)号：DE3854616D1

公开(公告)日：1995-11-30

申请号：DE3854616

申请日：1988-12-12

Applicant: IBM

Inventor： BAUM RICHARD IRWIN ,  BORDEN TERRY LEE ,  BUTWELL JUSTIN RALPH ,  CLARK CARL EDWARD ,  GANEK ALAN GEORGE ,  LUM JAMES ,  MALL MICHAEL GERARD ,  PAGE DAVID RICHARD ,  PLAMBECK KENNETH ERNST ,  SCALZI CASPER ANTHONY ,  SCHMALZ RICHARD JOHN

IPC: G06F12/08 ,  G06F9/46 ,  G06F12/10 ,  G06F12/14 ,  G06F21/24 ,  G06F12/02

Abstract: A program authorization mechanism for authorizing access to an address space in the main memory of a computer system by a program being run under a multiple address space facility. An access-list entry is associated with each address space, each access-list entry being designated by an access-list-entry token contained in an access register. Each access-list entry includes a private indicator which indicates if the associated address space can be accessed by all programs from this access-list entry or if the associatd address space can only be accessed by an authorized program. For a program to be authorized, an extended authorization index in a control register must match an access-list extended authorization index in the access-list entry, or the extended authorization index value must be authorized in an authority table associated with the address space. An instruction for testing a given extended authorization index for a given access-list-entry is also disclosed.

公开(公告)号：HUT67635A

公开(公告)日：1995-04-28

申请号：HU9303459

申请日：1992-04-29

Applicant: IBM

Inventor： CLARK CARL EDWARD ,  MALL MICHAEL GERARD ,  SCALZI CASPER ANTONY ,  SINHA BHASKAR

IPC: G06F12/14 ,  G06F21/24

Abstract: Provides three access levels of storage key protection, comprising a supervisory level (key 0), an intermediate level of non-public and non-supervisory keys (keys 1-8, 10-15), and an unique public level (key 9). The program routines operating with a supervisory-level access key can access both the public level and the intermediate level of storage blocks. Although a program routine operating with an access key in the intermediary access level cannot access any supervisory level storage block, it can access any block assigned a public level storage key, as well as any storage block assigned the respective intermediate level key. One or more third-level public storage keys (PSKs) may be provided. A program access key using one of the PSK values can only access blocks having the same PSK value, and it cannot access blocks having any other key value.

公开(公告)号：DE3279452D1

公开(公告)日：1989-03-23

申请号：DE3279452

申请日：1982-10-29

Applicant: IBM

Inventor： BURK JOHN LESLIE ,  BUTWELL JUSTIN RALPH ,  CLARK CARL EDWARD ,  RODELL JOHN TED ,  STUCKI DAVID EMMETT

IPC: G06F12/14

Abstract: This invention relates to the fetch protection of a critical area in the main storage of a data processing system. The critical area is a part of a main storage block protectable by a single storage protect key having a fetch protection field. To enable different fetch protections within a special storage block, fetch protect override controls are provided which partly override the normal operation of the storage protect key for a page located at a predetermined address. While fetch protection is set on for the page's storage block, the fetch protect override controls disable fetch protection for a portion of the page's addresses, e.g. addresses 0-2047. Override enablement is controlled by a fetch protect override control bit in a control register, e.g. bit 6 of control register 0.