MF65169 - LIC Spectre and Meltdown speculation barrier functions
PTF ( Program Temporary Fixes ) Cover letter
LIC Spectre and Meltdown speculation barrier functions
Pre/Co-Requisite PTF / Fix List
REQ   LICENSED            PTF/FIX   LEVEL
TYPE  PROGRAM   RELEASE   NUMBER    MIN/MAX  OPTION
----  --------  --------- -------   -------  ------
PRE   5770999   V7R2M0    MF65010   00/00    0000
Application of this PTF may disable or render ineffective programs that
use system memory addresses not generated by the IBM translator,
including programs that circumvent control technology designed to limit
interactive capacity to purchased levels. This PTF may be a prerequisite
for future PTFs. By applying this PTF you authorize and agree to the
This PTF is subject to the terms of the 'IBM License Agreement for Machine
Code', the terms of which were provided in a printed document that was
delivered with the machine.
SUBJECT TO ANY WARRANTIES WHICH CAN NOT BE EXCLUDED OR EXCEPT AS EXPLICITLY
AGREED TO IN THE APPLICABLE LICENSE AGREEMENT OR AN APPLICABLE SUPPORT
AGREEMENT, IBM MAKES NO WARRANTIES OR CONDITIONS EITHER EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OR CONDITIONS OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON INFRINGEMENT,
REGARDING THE PTF.
APAR Error Description / Circumvention
IBM has released this PTF in response to CVE-2017-5753,
CVE-2017-5715, CVE-2017-5754, and CVE-2018-3639.
CORRECTION FOR APAR MA47096 :
The first parameter of the SYNCSTG machine interface (MI)
instruction will support new values 3 through 6. If you do not
control the source code for your programs, there is nothing
additional you need to do. If you do control the source code
for your programs and if you choose to place invocations of this
MI instruction in your program's source code, they will provide
the functions described below. The new values of this
instruction can only be invoked from an Integrated Language
Environment (ILE) program or service program.
On versions of the hardware containing the latest security
patches, value 3 can be used to insert a machine speculation
barrier at the point of the SYNCSTG instruction.
Speculative execution along the logical flow that includes the
SYNCSTG instruction is interrupted at the barrier. Speculation
resumes following this instruction if it is non-speculatively
executed. For non-speculative execution of this instruction,
there are no functional effects.
Actions 4-6 help provide a barrier for application
switching within the same thread of execution. For this
barrier, the target application model is one where the program
alternates between trusted "runtime" and untrusted "sandbox"
execution. The runtime helps to provide the isolation between
one or more sandbox environments to help mitigate the ability of
a program in one sandbox to access unauthorized data from
another sandbox.
Actions 4-6 help define a barrier for transitions, helping to
mitigate the unauthorized access of data between the trusted
runtime and untrusted sandboxes. Transition from sandbox to
runtime is an entry (action 4); transition from runtime to
sandbox is an exit (action 5). Action 6 can be used as a
barrier in either direction (entry or exit). Although not as
efficient as action 4 or 5, it can be used if it is not
reasonable to determine whether a transition is an entry or an
If the source for a program uses the SYNCSTG MI instruction with
any of these new values and this PTF is not applied, trying to
create or convert the module will fail with MSGMCH4245, reason
code 3, or MSGMCH4227, reason code 7. Also, if the PTF is
applied but the target release (TGTRLS option on the compile
command) is earlier than V7R1M0, the compilation will fail with
If a program that uses the SYNCSTG MI instruction with values 3
through 6 is moved to a different system, the target system must
include the latest Spectre/Meltdown PTFs and firmware patches.
Failure to do so may result in one of the following:
1. Failure to provide any machine speculation protection if
value 3 is used.
2. Failure to provide an application barrier if values 4 through
6 are used.
3. MSGMCH6801, type=1, may be generated when the program runs.
4. MSGMCH4245, reason code 3, or MSGMCH4227, reason code 7, may
be generated when the program is created or converted.
5. MSGCPF3888 may be generated if a program is restored and
program conversion is needed.
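
The barrier values described above (3 after a bounds check, 5 and 4 around a call into sandbox code) could be placed in ILE C source as follows. This is an added example, not IBM's code: the `_SYNCSTG` built-in, its `<mih/syncstg.h>` header and the `__ILEC400__` compiler macro are assumptions about the ILE C environment, all other names and the sample data are hypothetical, and off IBM i the barrier is a stand-in that only records the requested values.

```c
/* Added example, not IBM code. Wrapper names and sample data are hypothetical. */
#include <stddef.h>
#ifdef __ILEC400__                 /* assumed ILE C predefined macro */
#include <mih/syncstg.h>           /* assumed header for the _SYNCSTG built-in */
#endif

/* SYNCSTG first-parameter values introduced by this PTF. */
enum { SPEC_BARRIER = 3, SANDBOX_ENTRY = 4, SANDBOX_EXIT = 5, SANDBOX_EITHER = 6 };

static unsigned barrier_log[16];   /* off-platform record of requested values */
static size_t barrier_count;

static void barrier(unsigned action) {
#ifdef __ILEC400__
    _SYNCSTG(action);
#else
    if (barrier_count < 16)
        barrier_log[barrier_count++] = action;
#endif
}

typedef int (*sandbox_fn)(int arg);

/* Runtime to sandbox is an exit (5); sandbox back to runtime is an entry (4). */
int run_in_sandbox(sandbox_fn fn, int arg) {
    int result;
    barrier(SANDBOX_EXIT);
    result = fn(arg);
    barrier(SANDBOX_ENTRY);
    return result;
}

/* Runtime table read with an index that untrusted code controls. */
int checked_read(const int *table, size_t len, size_t idx, int *out) {
    if (idx >= len)
        return -1;
    barrier(SPEC_BARRIER);         /* speculation past the bounds check stops here */
    *out = table[idx];
    return 0;
}

static int sample_guest(int x) { return x * 2; }   /* constructed sandbox routine */

int main(void) {
    int table[4] = {10, 20, 30, 40}, v = 0;        /* constructed sample data */
    int r = run_in_sandbox(sample_guest, 21);
    return (r == 42 && checked_read(table, 4, 2, &v) == 0 && v == 30) ? 0 : 1;
}
```

Value 6 (`SANDBOX_EITHER` here) would replace both 4 and 5 where the code cannot tell which direction a transition takes.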
See the IBM i Security Bulletin for a list of all previously
released PTFs and firmware patches needed to mitigate
CIRCUMVENTION FOR APAR MA47096 :
THIS IS A DELAYED PTF TO BE APPLIED AT IPL TIME.
PTF/FIX NO(S). APAR TITLE LINE
MRI Feature ........................ NONE
Software version: V7R2M0
Operating system(s): OS/400
Reference #: MF65169
Modified date: 12 September 2018