LPAR Input/Output configurations

  • In general, I/O devices must not be shared by isolated logical partitions, since they can be used to pass information from one partition to another. There may be special cases, such as an output-only device which an installation may consider sharable after careful review of any related security risks, and defining related security procedures and processes.
  • The PCHID Summary Report, Channel Path Identifier (CHPID) Summary Report, I/O Device Report, and FID Summary Report produced by the Input/Output Configuration Program must be thoroughly examined by the Security Administrator for indications of unwanted sharing or reconfigurability of channels, devices, and FIDs.
  • A thorough review of the actual physical connections/links of the I/O configuration must be performed to establish that the physical configuration is identical to that specified in the IOCDS source file. Specific attention should be given to devices with multiple device path capability, to help ensure that one device (or control unit) does not (accidentally) connect to more than one isolated logical partition's channel paths.
  • All IOCDSs should be write-protected except for the few minutes during which they are actually updated.
  • The time stamps of the production-level IOCDSs should be recorded. By selecting the CPC and invoking the Input/Output (I/O) Configuration task, a display of the available IOCDSs will be generated. Periodic audits should be made to assure that the IOCDSs have remained unchanged.