Enhanced hardware storage protection

Edit online

Enhanced hardware storage protection allows blocks of system information that are located on the memory to be defined as read-write, read-only, or no access.

At security level 40 and higher, the system controls how *USER state programs access these protected blocks.

Enhanced hardware storage protection is supported on all IBM® i models.

All IBM i objects, *FILE, *PGM, *JOBD, *CMD, etc. have an object domain. Object domain protection is a capability that is detected in software thus it allows a domain violation audit to occur on level 30. On level 30 the system can detect the domain setting and send an audit record when a user state program tries to access a system domain object. Enhanced Hardware Storage Protection (HSP) is different. HSP is detected by the Power® hardware and cannot be detected when the protection is turned off for an object or control block. This powerful protection is either on or off for an object or control block. On security level 30, for most objects and control blocks, it is off. It is on for everything on security level 40 and 50. There is no way to audit HSP violations on security level 30 thus the need to test your applications on security level 40 or 50. The good thing about HSP for IBM i objects and control blocks that are used by the operating system is that the objects also have a domain (so you get the security level 30 domain violation audit records). However, there are many lower-level control blocks, which are used by the Licensed Internal Code, that are not IBM i objects thus do not have an object domain (but are protected, at 40 and 50, by HSP). If an application was patched to access one of these control blocks, it fails at 40 and 50 but works at 30 (without an audit). The good thing about HSP is that when you get to security level 40 or 50, you have industry leading protection for your objects. But, to get there, you need to test on security level 40 and 50 and cannot rely on audit on security level 30 to find every potential issue.

Journal entry:

When the following conditions are met, an AF entry, violation type R, is written to the QAUDJRN journal:
  • The auditing function is active
  • The QAUDLVL system value includes *PGMFAIL
  • A program attempts to write to an area of memory protected by the enhanced hardware storage protection feature