4. EXCEPTIONS4.3 Detailed Exception Descriptions › 02903: CSA Assigned to Non-Standard Protect Key

Previous Topic: 02902: SQA Overflow into CSA

Next Topic: 02904: Allocated SQA Pages Exceeds Max

02903: CSA Assigned to Non-Standard Protect Key



FILE: Virtual Storage System Usage File
SAS FILE NAME: DAYS.SCPVSM01
SOURCE LOCATION: prefix.MICS.USER.SOURCE(DYRMFEXC)

SEVERITY: Impacting            (SEVERITY='I')
MANAGEMENT AREA: Performance   (MGMTAREA='PERFORMANCE')

PURPOSE:  Detect Common Storage Area (CSA) usage by programs
running in a storage protect key not usually used.

RATIONALE:  Most problem programs run in protect key 8
(except for V=R jobs that run in unique keys from 9 to F),
and system-related address spaces run in protect keys 0
through 7.  The following table shows the normal protect key
assignments in an unmodified MVS environment:

   Key    Use
   ---    -------------------------------
   0     System Control Program
   1     Job Scheduler, JES2, JES3
   2     VSPC
   3     not used
   4     not used
   5     Data Management, Access Methods
   6     Communications
   7     IMS
   8     V=V Problem Programs
   9-F   V=R Problem Programs

Normally, some protect keys are not used. For example, key 3
is not used by any of the standard IBM address spaces.
Storage protect keys below 8 can only be assigned by programs
running in the authorized state, or whose program name is
identified in the Program Properties Table (PPT).  The PPT
should be a highly secured facility in any installation since
it can be used to give system-wide authority to otherwise
unauthorized programs.  Unexplained storage key allocations
in CSA, therefore, can be an indication of a possible
security exposure, or of defective code in a properly
authorized program.

DEFINITION:  This exception is detected whenever any CSA
allocations are made for an installation-defined protect key.
EXCEPTION STATEMENTS:  The SAS statements identifying the
exception situation and describing the condition are stored
in the source member named in SOURCE LOCATION and are
described below:

/* *************************************************
**  02903 CSA ASSIGNED TO NONSTANDARD PROTECT KEY **
************************************************* */
IF VSMAkCSL
 THEN DO;
  EXCCODE='02903'; SEVERITY='I'; MGMTAREA='PERFORMANCE';
  EXCDESC1='CSA ASSIGNED TO NONSTANDARD PROTECT KEY';
  EXCDESC2='KEY k CSA=' !! PUT(VSMAkCSL,4.) !! ' KBYTES';
  LINK HIT;
END;

THRESHOLD MODIFICATION:  The user should modify the three "k"
values in the above code to the desired protect key.  A test
for CSA allocations in key 3 would appear as:

IF VSMA3CSL
 THEN DO;
  EXCCODE='02903'; SEVERITY='I'; MGMTAREA='PERFORMANCE';
  EXCDESC1='CSA ASSIGNED TO NONSTANDARD PROTECT KEY';
  EXCDESC2='KEY 3 CSA=' !! PUT(VSMA3CSL,4.) !! ' KBYTES';
  LINK HIT;
END;