UUPDX1 - UPDS Security Exit (z/OS Only)

UUPDX1 is a user-written routine called by the UPDS utility program before the execution of any command entered by the terminal operator. This module allows you to define security restrictions on the use of the various functions.

The UPDS utility program is a set of logically related modules, each of which services a specific function. Therefore, each function requested by a terminal operator is logically processed by a separate module. Each of these modules issues a call to the user-written exit routine UUPDX1 before servicing the requested function. Consequently, you can restrict, permit, or eliminate any or all UPDS functions.

When UPDS is initially invoked by the terminal operator, the GETCHR function is executed. The information obtained is passed to the user-written exit routine UUPDX1 in the form of a parameter list address. This information can be further referenced in order to place additional restrictions on the use of UPDS.

Because the UUPDX1 module is only loaded once per invocation of UPDS, internal switches can be set and subsequently referenced. Note, however, that each new invocation of UPDS loads a new version of UUPDX1, causing the switches to be reset.

A dummy UUPDX1 module is distributed with the Com-plete system as a member of the distribution source and load libraries.

Note:
Only z/OS password security exists for UPDS functions if you do not establish any. Obviously, SCRATCH and RENAME functions cannot be performed in read-only libraries.

This document covers the following topics:


How to Use UUPDX1

Upon entry to UUPDX1, a set of parameters is received in the form of fullword addresses pointed to by register 1. Word 1 of the parameter list contains the address of a return code halfword initialized to zero. Word 2 contains the address of an area containing the UPDTB1 information table. This table, which passes information to the user-written exit, is described by the UPDTB1 macro (assemble sample UUPDX1 to see the layout of this area) and illustrated in UPDTB1 Information Control Block. Word 3 contains the address of the GETCHR information table. Word 4 contains the address of the library code entry in module UEDTB1, if a two-character library code was used to make the request (see UEDTB1 Entry DSECT). If no library code was entered however, the corresponding field in UEDTB1 contain binary zeros, and the address given in the parameter list must not be used.

To define security for a specific function, test for the existence of the appropriate function, establish the desired level of authorization, and set the return code pointed to by word 1 of the parameter list to indicate acceptance or rejection.

If a UPDS command has been entered that performs a modification to a file (for example, SCRATCH, RENAME), an attempt is made to allocate the file with a disposition of OLD. If this attempt is unsuccessful, an allocation of SHR is attempted. The ENQ of DISP=OLD or DISP=SHR is obtained on the queue element names of SYSDSN and SYSIEWLP; the function requested is only executed if the ENQs are successful.

UUPDX1 Conventions

The following table summarizes the UUPDX1 linkage conventions.

Feature Convention
Attributes None required.
Type Thread.
Size Restricted by the UPDS thread region size
Registers at Entry
Register 1 Address of the parameter list
Register 13 Address of an 18-fullword save area
Register 14 Return address in the calling module
Register 15 Entry address of UUPDX1
Registers at Return Registers 2 through 13 must be unchanged.
Parameters
Word 1 Address of a return code halfword for indicating the status of the request.
0 Allow the request.
4 Disallow the request.
Word 2 Address of the UPDTB1 table
Word 3 Address of the GETCHR information table
Word 4 Address of the UEDTB1 entry, if any; otherwise, binary zeros
Return Codes
0 Allow the request.
4 Disallow the request.
Considerations Is loaded once per call of UPDS.