MF65252 - LIC Mitigate Spectre and Meltdown vulnerabilities in program

PTF (Program Temporary Fixes) Cover letter


Abstract

LIC Mitigate Spectre and Meltdown vulnerabilities in program


Pre/Co-Requisite PTF / Fix List

REQ  LICENSED      PTF/FIX  LEVEL
TYPE PROGRAM  REL  NUMBER   MIN/MAX  OPTION
---- -------- ---  -------  -------  ------
PRE  5770999  710  MF65181   00/00    0000



NOTICE:
-------
Application of this PTF may disable or render ineffective programs that
use system memory addresses not generated by the IBM translator,
including programs that circumvent control technology designed to limit
interactive capacity to purchased levels.  This PTF may be a prerequisite
for future PTFs.  By applying this PTF you authorize and agree to the
foregoing.

This PTF is subject to the terms of the 'IBM License Agreement for Machine
Code', the terms of which were provided in a printed document that was
delivered with the machine.

SUBJECT TO ANY WARRANTIES WHICH CAN NOT BE EXCLUDED OR EXCEPT AS EXPLICITLY
AGREED TO IN THE APPLICABLE LICENSE AGREEMENT OR AN APPLICABLE SUPPORT
AGREEMENT, IBM MAKES NO WARRANTIES OR CONDITIONS EITHER EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OR CONDITIONS OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON INFRINGEMENT,
REGARDING THE PTF.


APAR Error Description / Circumvention

-------------------------------------------------
IBM has released this PTF in response to CVE-2017-5753,
CVE-2017-5715, CVE-2017-5754, and CVE-2018-3639.

CORRECTION FOR APAR 'MA46869' :
-------------------------------
Spectre and Meltdown vulnerabilities could allow untrusted
programs to obtain unauthorized access to data as described in
CVE-2017-5753, CVE-2017-5715, CVE-2017-5754, and CVE-2018-3639.
These vulnerabilities can be mitigated by applying this PTF and
taking further actions described in the Special Instructions
section. Run-time performance may be affected if you choose to
take those further actions.

This PTF should be applied along with all other PTFs provided in
response to these vulnerabilities. See the IBM i Security
Bulletin for that list of PTFs:
www.ibm.com/support/docview.wss?uid=nas8N1022433

CIRCUMVENTION FOR APAR 'MA46869' :
----------------------------------
None.


Activation Instructions

None.




Special Instructions

To determine whether to take the further actions described below, you
(the system administrator) must assess the risk that programs running
on your system would intentionally try to read unauthorized data.
Exploiting Spectre and Meltdown vulnerabilities requires a deliberate
attack rather than an accidental program error. If you trust the
providers of the programs that run on your system, and you have
controls in place to prevent untrusted programs from being installed or
created, you might choose not to take the further actions. However, if
you're unsure about trusting programs that run on your system, you
might choose to take the further actions described below.

Note that security level (system value QSECURITY) has no direct effect
on Spectre and Meltdown vulnerabilities. However, if your system is
running at a security level less than 40, users have more direct ways
to gain unauthorized access to data.

Further Actions

To enable Spectre and Meltdown mitigations for all subsequent creations
and conversions of modules, programs, and service programs, the system
administrator should use the Start System Service Tools (STRSST)
command, sign on, and select the following sequence of menu options:

1. Start a service tool
4. Display/Alter/Dump
1. Display/Alter storage
2. Licensed Internal Code (LIC) data
14. Advanced analysis

On the "Select Advanced Analysis Command" screen, enter 1=Select on
the list entry for OXMITIGATIONS.

On the "Specify Advanced Analysis Options" screen in the Options
field, enter the following:
enable

The system will display the resulting mitigation setting, similar to
the following:

                            Display Formatted Data
                                                Page/Line. . .       1
                                                Columns. . . :  1 - 78
Find . . . . . . . . . . .
....+....1....+....2....+....3....+....4....+....5....+....6....+....7
     DISPLAY/ALTER/DUMP
Running macro: OXMITIGATIONS                    ENABLE
System-Wide Translator Mitigation Controls
  OX level:   4
  Mitigations enabled

In the Options field, you can also enter one of these options:
display
disable
help

After applying this PTF and enabling mitigations as described above,
creating new objects (*PGM, *SRVPGM, or *MODULE object types) from
source code will mitigate those objects for Spectre and Meltdown
vulnerabilities.

To mitigate existing program objects, also take one of these actions:

- Create the programs again by compiling the source code.

- Follow conversion directions in developerWorks article "Simple IBM
i Program and Module Conversion":
http://ibm.biz/ibmi-simple-conversion

- Restore the programs, either after setting the QFRCCVNRST system
value to 7 or by specifying the FRCOBJCVN(*YES *ALL) parameter on the
restore command (such as RST, RSTOBJ, RSTLIB, RSTLICPGM).

- Use the DSPPGM or DSPSRVPGM command to see whether the program has
all creation data (for ILE programs) or observable information (for OPM
programs). If the program shows "All creation data *YES" or
"Observable information *ALL", you can use the CHGPGM or CHGSRVPGM
command with keyword FRCCRT(*YES) to force the program to be created
again.


Additionally, if you expect that untrusted programs might be restored
in the future, the system administrator can set system value
QFRCCVNRST=7 so that programs will be converted with mitigations during
restore.
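
The choice among the actions above can be planned per object before any command is run. The following is an added example, not part of the IBM cover letter: it maps what DSPPGM or DSPSRVPGM shows for each object to one of the listed actions. The inventory, the library and object names, the save file BACKUPLIB/APPSAVF, and the order of preference (re-create in place, then recompile, then restore) are assumptions.

```python
from dataclasses import dataclass

# Display text the cover letter says DSPPGM / DSPSRVPGM must show before
# FRCCRT(*YES) can be used, keyed by program model.
RECREATABLE = {"ILE": ("All creation data", "*YES"),
               "OPM": ("Observable information", "*ALL")}
CHANGE_CMD = {"*PGM": ("CHGPGM", "PGM"), "*SRVPGM": ("CHGSRVPGM", "SRVPGM")}


@dataclass
class Obj:
    library: str
    name: str
    objtype: str      # "*PGM" or "*SRVPGM"
    model: str        # "ILE" or "OPM"
    field: str        # label read from the DSPPGM / DSPSRVPGM display
    value: str        # value shown next to that label
    has_source: bool  # site knowledge: can the object be recompiled?


def plan(obj, savf="BACKUPLIB/APPSAVF"):
    """Return (path, action) for one object; savf is a placeholder save file."""
    if obj.objtype not in CHANGE_CMD or obj.model not in RECREATABLE:
        raise ValueError(f"unsupported object: {obj}")
    if (obj.field, obj.value) == RECREATABLE[obj.model]:
        cmd, kw = CHANGE_CMD[obj.objtype]
        return "recreate", f"{cmd} {kw}({obj.library}/{obj.name}) FRCCRT(*YES)"
    if obj.has_source:
        return "recompile", f"recompile {obj.library}/{obj.name} from source"
    return "restore", (f"RSTOBJ OBJ({obj.name}) SAVLIB({obj.library}) "
                       f"DEV(*SAVF) SAVF({savf}) FRCOBJCVN(*YES *ALL)")


# Constructed inventory (assumed values, not taken from the cover letter).
INVENTORY = [
    Obj("APPLIB", "ORDENTRY", "*PGM", "ILE", "All creation data", "*YES", True),
    Obj("APPLIB", "PRICING", "*SRVPGM", "ILE", "All creation data", "*NO", True),
    Obj("VENDLIB", "LEGACY01", "*PGM", "OPM", "Observable information", "*NONE", False),
    Obj("VENDLIB", "LEGACY02", "*PGM", "OPM", "Observable information", "*ALL", False),
]

if __name__ == "__main__":
    for o in INVENTORY:
        print(o.library, o.name, *plan(o))
```

Objects that fall through to the restore path are mitigated only if the restore forces conversion, which is why the generated command carries FRCOBJCVN(*YES *ALL).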

********************************************************************
THE FOLLOWING ARE SUPERSEDED SPECIAL INSTRUCTIONS. IF THE SUPERSEDED
PTF HAS ALREADY BEEN APPLIED AND ITS SPECIAL INSTRUCTION FOLLOWED,
IT IS NOT NECESSARY TO FOLLOW THAT SPECIAL INSTRUCTION AGAIN.
********************************************************************

SPECIAL INSTRUCTIONS FOR SUPERSEDED PTF MF58856 :
=================================================

If you have not experienced this problem, nothing needs to
be done.  If you have experienced this problem, you need to
do the following to re-create each affected program:

Use the DSPPGM or DSPSRVPGM command to see whether observable
information exists.

If the program has all observable information, then use the
CHGPGM or CHGSRVPGM command with keyword FRCCRT(*YES) to force
program re-creation.

If creation data has been made unobservable, you can
re-create the programs using other methods. One way is to
restore the programs, either after setting the QFRCCVNRST
system value to 7 or by specifying the FRCOBJCVN(*YES *ALL)
parameter on the restore command (RST, RSTOBJ or RSTLIB).
Another way to re-create programs without observable
creation data is to recompile the program source code, using
your choice of optimization level.

SPECIAL INSTRUCTIONS FOR SUPERSEDED PTF MF57247 :
=================================================

If you have not experienced this problem, nothing needs to be done.

If you have experienced this problem, you need to find the affected
objects.  These are *MODULE, *PGM, or *SRVPGM objects that contain
ILE RPG procedures that return zoned decimal values.

Then do the following to re-create the affected objects:

Use the DSPMOD, DSPPGM, or DSPSRVPGM command to see whether
observable information exists in the object.

If the object has all observable information, then use the
CHGMOD, CHGPGM, or CHGSRVPGM command with keyword FRCCRT(*YES) to
force object re-creation.

If creation data has been made unobservable, you can
re-create the objects using other methods. One way is to
restore the objects, either after setting the QFRCCVNRST
system value to 7 or by specifying the FRCOBJCVN(*YES *ALL)
parameter on the restore command (RST, RSTOBJ or RSTLIB).

Another way to re-create objects is to recompile the source code,
using your choice of optimization level.

SPECIAL INSTRUCTIONS FOR SUPERSEDED PTF MF53305 :
=================================================

If you have not experienced this problem, nothing needs to be done.

If you have experienced this problem, you need to do the following to
re-create each affected program, service program, and module:

- Use the DSPPGM, DSPSRVPGM, or DSPMOD command to see whether
observable information exists for the object.

- If the object has all observable information, then use the CHGPGM,
CHGSRVPGM, or CHGMOD command with keyword FRCCRT(*YES) to force object
re-creation.

- If creation data has been made unobservable, you can re-create the
objects using other methods. One way is to restore the objects, either
after setting the QFRCCVNRST system value to 7 or by specifying the
FRCOBJCVN(*YES *ALL) parameter on the restore command (RST, RSTOBJ or
RSTLIB). Another way to re-create objects without observable creation
data is to recompile the program source code, using your choice of
optimization level.

SPECIAL INSTRUCTIONS FOR SUPERSEDED PTF MF50509 :
=================================================

If you have not experienced this problem, nothing needs to be done.

If you have experienced this problem, you need to re-create the
programs that generate incorrect output. If creation data has not been
made unobservable in your programs, you can force program re-creation
using the CHGPGM or CHGSRVPGM commands by specifying the FRCCRT(*YES)
parameter. If creation data has been made unobservable, you can
re-create the programs using other methods. One way is to restore the
programs, either after setting the QFRCCVNRST system value to 7 or by
specifying the FRCOBJCVN(*YES *ALL) parameter on the restore command
(RST, RSTOBJ or RSTLIB). Another way to re-create programs without
observable creation data is to recompile the program source code, using
your choice of optimization level.

SPECIAL INSTRUCTIONS FOR SUPERSEDED PTF MF48189 :
=================================================

If you have not experienced this problem, nothing needs to be done.

If you have experienced this problem, you need to convert the module,
program, and/or service program objects that previously failed to
convert.  The STROBJCVN command can be used to convert your objects.


Default Instructions

THIS IS A DELAYED PTF TO BE APPLIED AT IPL TIME.



Supersedes

PTF/FIX NO(S).  APAR TITLE LINE
--------------  ------------------------------------------------------------
   MF51805      LIC-UNPRED Invalid Storage Reuse within the Optimizing Trans
   MF50057      LIC-UNPRED Leaf Routines With Nested Procedures Cause Stack
   MF65182      LIC Spectre and Meltdown speculation barrier functions
   MF48131      LIC-OTHER-INCORROUT Change BLA addresses for MI DFP quantize
   MF61324      OSP-OTHER-UNPRED MSGMCH3203 during CHGPGM PRFDTA(*APYALL)
   MF60464      OSP-UNPRED preventive fixes for optimizing translator
   MF58856      OSP-OTHER-UNPRED incorrect pointer arithmetic in optimized c
   MF58636      LIC-OTHER-SRCB6005121-LOOP SYSTEM TERMINATED WHILE RUNNING C
   MF58514      OSP-OTHER-F/VOXERROR-RC27-MSGMCH4227 after upgrade from V5R4
   MF57579      OSP-OTHER-F/VVLDUMP-T/QBNCRTMD-MSGMCH3203
   MF57247      OSP-OTHER-INCORROUT zoned values not returned to CL CALLPRC
   MF57217      OSP-OTHER-F/VOXCA-MSGMCH3203 module creation fails with VLOG
   MF56489      OSP-OTHER-F/VOXERROR-MSGMCH4234 during creation or conversio
   MF55670      OSP-OTHER-UNPRED fixes for Optimizing Translator
   MF53305      LIC-OTHER-INCORROUT incorrect variable value in optimized pg
   MF52545      LIC-MSGMCH4219 VL11012A13 PROGRAM CREATION FAILS
   MF50509      LIC-OTHER-MSGMCH3601 Teraspace storage model program fails r
   MF50398      LIC-PERFM Performance improvements for optimizing translator
   MF48881      LIC-OTHER-INCORROUT Incorrect code generated for blocked ins
   MF48501      LIC-OTHER-INCORROUT Conversions to/from zoned and packed can
   MF48197      OSP-OTHER-F/VOXERROR-MSGMCH4216 CHGMOD FAILING WITH MCH4216
   MF48189      OSP-OTHER-MSGMCH4230 MCH4230 WHEN DOING A STROBJCVN OVER A *

Summary Information

System.............................. i
Models..............................
Release............................. V7R1M0
Licensed Program............... 5770999
APAR Fixed.......................... MA46869
Superseded by:...................... PTF MF65387
Recompile........................... Y
Library............................. QSYS
MRI Feature ........................ NONE
Cum Level........................... NONE


Document information

Software version: V7R1M0

Operating system(s): OS/400

Reference #: MF65252

Modified date: 12 September 2018