Abstract
Provides data and program integrity in a computer system by guarding against malicious program operation when using the Branch in Subspace Group (BSG) instruction of the S/390 computer architecture. System integrity is ensured by providing a controlled target space (a base space) and branch address during a BSG transfer of control (branch) from a subspace, and a different PSW key mask (PKM) for the base space than for subspaces. More specifically, (1) the PKM is reduced and a new PSW access key is set during a BSG branch from the base space to a subspace, (2) the original PKM and access key, and also a return address, are saved in a secure data area during the same branch, and (3) during a branch from a subspace, the original PKM and access key are restored, and the branch is made to the return address (the controlled branch address) in the base space. The method is extended to apply to a single address space by a novel Branch and Set Authority (BSA) instruction that, when executed in a base-authority state, saves a return address and base authority in a secure data area and sets a reduced-authority state; and, when executed in the reduced-authority state, branches to the saved return address, restores the saved base authority, and sets the base-authority state.
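The two BSA cases described above can be modelled as a small state machine. This is an added illustration in C, not code from the patent or from S/390. The struct layout, field widths, the function name `bsa`, the AND-mask form of the PKM reduction, and the treatment of "base authority" as the PKM plus access key are all assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model of the BSA behaviour in the abstract; not S/390 code.
   Field widths and the AND-mask reduction are assumptions. */
enum auth_state { BASE_AUTHORITY, REDUCED_AUTHORITY };

struct cpu {
    enum auth_state state;
    uint16_t pkm;        /* PSW key mask: one bit per permitted key */
    uint8_t  key;        /* PSW access key */
    uint32_t pc;         /* current instruction address */
    /* Secure data area: in this model only bsa() writes it. */
    uint16_t saved_pkm;
    uint8_t  saved_key;
    uint32_t saved_ret;
};

/* One BSA execution. In the base-authority state the operands select the
   target, the reduced PKM and the new key. In the reduced-authority state
   every operand is ignored: the destination and authority come only from
   the secure data area. Returns the address control transfers to. */
uint32_t bsa(struct cpu *c, uint32_t target, uint16_t pkm_mask,
             uint8_t new_key, uint32_t next_insn)
{
    if (c->state == BASE_AUTHORITY) {
        c->saved_ret = next_insn;      /* controlled return address */
        c->saved_pkm = c->pkm;
        c->saved_key = c->key;
        c->pkm &= pkm_mask;            /* can only clear bits, never add */
        c->key = new_key;
        c->state = REDUCED_AUTHORITY;
        c->pc = target;
    } else {
        c->pc = c->saved_ret;          /* caller-supplied target is not used */
        c->pkm = c->saved_pkm;
        c->key = c->saved_key;
        c->state = BASE_AUTHORITY;
    }
    return c->pc;
}

int main(void)
{
    struct cpu c = { BASE_AUTHORITY, 0xC0C0, 0, 0x1000, 0, 0, 0 };  /* constructed values */
    bsa(&c, 0x5000, 0x00C0, 8, 0x1004);
    printf("reduced: pc=%#x pkm=%#06x key=%u\n", (unsigned)c.pc, (unsigned)c.pkm, (unsigned)c.key);
    bsa(&c, 0xDEAD0, 0xFFFF, 0, 0xDEAD4);  /* reduced code tries to pick target and mask */
    printf("base:    pc=%#x pkm=%#06x key=%u\n", (unsigned)c.pc, (unsigned)c.pkm, (unsigned)c.key);
    return 0;
}
```

The second call shows the integrity property: code running with reduced authority supplies its own target and a wider mask, yet control returns only to the saved address with the saved authority.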