.TITLE OPEN_MTACC - Unrestricted magtape access routine .IDENT 'V5.x' ;++ ; ; Facility: ; ; VMS Executive ; ; Abstract: ; ; This routine generates security erase patterns which are used by user ; written programs to preclude the unauthorized disclosure of classified ; information. ; ; Envrionment: ; ; VAX/VMS, Kernel Mode ; ; Author: ; ; Andrew Pavlin, Creation Date: January, 1991 ; ; Modified By: ; ;-- .SBTTL Declarations ; ; Include files: ; .LIBRARY /SYS$LIBRARY:LIB/ ; Automate inclusion of this macro ; library during the assembly. $MTADEF ; Define function codes $VL1DEF ; Volume label definitions $HD1DEF ; ANSI header 1 label definitions $SSDEF ; Define status codes $SYSVECTORDEF ; Define system service vector offsets ; ; Equated symbols: ; LBLNAM = 4 ; Offset to the label passed either ; a VOL1 or HDR1 depending on the type ; passed by address UIC = 8 ; Offset to UIC of user doing operation, ; passed by value STD_VERSION = 12 ; Offset to decimal equivalent of the ; ANSI std version number from VOL1 ; label passed by value ACCESS_CHAR = 16 ; Offset to the access char specified ; by user valid label is being output ; passed by value ACCESS_SPEC = 20 ; Offset to field which indicates if the ; user specified an access char passed ; by value TYPE = 24 ; Offset to type of operation. See ; $MTADEF for types. passed by value ; Local symbols BLANK = ^X<20> ; Hex equivalent of a blank ASCII_1 = ^X<31> ; Hex equivalent of an ASCII one. ; ; Own Storage: ; DECLARE_PSECT EXEC$PAGED_DATA STARID: .ASCII /DECFILE11A/ ; VMS specific implementation identifier .SBTTL Documentation...Loadable image header and trailer ;++ ; ; Instruction to create an MTACCESS.EXE image that optionally ignores ; all accessibility codes ; ; Assemble this module: ; ; MACRO MTACC ; ; Linking this module: ; ; $ LINK /NOSYSSHR/NOTRACEBACK - ; /SHARE=MTACCESS - ; /MAP=MTACCESS /FULL /CROSS - ; /SYMBOL=MTACCESS - ; SYS$INPUT/OPTION ; MTACC, - ; SYS$LIBRARY:STARLET/INCLUDE:(SYS$DOINIT),- ; SYS$SYSTEM:SYS.STB/SELECTIVE ; VECTOR_TABLE=SYS$SYSTEM:SYS.STB ; COLLECT=NONPAGED_READONLY_PSECTS/ATTRIBUTES=RESIDENT,- ; EXEC$NONPAGED_CODE ; COLLECT=NONPAGED_READWRITE_PSECTS/ATTRIBUTES=RESIDENT,- ; EXEC$NONPAGED_DATA ; COLLECT=PAGED_READONLY_PSECTS,- ; EXEC$PAGED_CODE ; COLLECT=PAGED_READWRITE_PSECTS,- ; EXEC$PAGED_DATA ; COLLECT=INITIALIZATION_PSECTS/ATTRIBUTES=INITIALIZATION_CODE,- ; EXEC$INIT_CODE,- ; EXEC$INIT_000,- ; EXEC$INIT_001,- ; EXEC$INIT_002,- ; EXEC$INIT_PFNTBL_000,- ; EXEC$INIT_PFNTBL_001,- ; EXEC$INIT_PFNTBL_002,- ; EXEC$INIT_SSTBL_000,- ; EXEC$INIT_SSTBL_001,- ; EXEC$INIT_SSTBL_002 ; ; Loader Information: ; ; Please refer to the V5.0 Release Notes or Introduction to ; VMS System Services Manual Appendix C on instructions to load ; an installation-specific system image. ; ; The following summarize the steps involed: ; ; 1. Copy MTACCESS.EXE images produced by the above link command ; to the SYS$LOADABLE_IMAGES directory. Note: privilege required. ; ; 2. Add an entry for the MTACCESS.EXE image in the ; SYS$UPDATE:VMS$SYSTEM_IMAGES.IDX data file: ; ; SYSMAN SYS_LOADABLE ADD _LOCAL MTACCESS.EXE - ; /LOAD_STEP = SYSINIT, - ; /SEVERITY = WARNING, - ; /MESSAGE = "failure to load MTACCESS.EXE" ; ; 3. Invoke the SYS$UPDATE:VMS$SYSTEM_IMAGES.COM command procedure ; to generate a new system image data file (file name ; SYS$LOADABLE_IMAGES:VMS$SYSTEM_IMAGES.DATA). During the ; bootstrap, the system uses this data file to load the ; appropriate images. ; ; 4. Reboot the system, which will cause the new MTACCESS.EXE to ; be loaded into the system. Subsequent calls to the $MTACCESS ; system service will optionally not check accessibility. ; ;-- .SBTTL $MTACCESS System Service ;++ ; $ERAPAT ; ; Functional Description: ; This routine is aclled to handle the VOL1 and HDR1 label accessibility ; fields during magnetic tape label processing. It first determines ; the ANSI standard version of this tape. For version 3 or less tapes the ; routine will either output a blank or the character specified by the ; user. On input of version 3 or less tapes, the routine will check for a ; blank and return the value SS$_FILACCERR if the field is non-blank; ; if bit 0 of SGN$GL_USERD1 (SYSGEN parameter USERD1) is set, the routine ; will always return success, ragardless of the character's value. ; ; For version 4 tapes, on output the routine with either output the ; character specified or an ASCII 1 if no character was specified. ; On input of version 4 tapes, if the field is blank then R0 is ; set to 0, which means the user has complete access to the tape. ; If the field has an ASCII one then SS$_NORMAL is returned and ; which means VMS protection will be checked by the caller. If the ; field contains something else then SS$_FILACCERR is returned and ; VMS protection is checked. If bit 0 of SGN$GL_USERD1 (SYSGEN ; parameter USERD1) is set, the routine will always return 0, ; ragardless of the character's value. ; ; This routine does not used the returned SS$_NOVOLACC or SS$_NOFILACC ; codes; however, the installation is free to use them and the caller ; will know how to deal with them. ; ; Calling sequence: ; ; This routine should be called via a CALLS/G to EXE$MTACCESS. ; ; Input: ; ; LBLNAM(AP) : The ANSI label to process passed by address. ; On input the label passed is either the VOL1 ; or HDR1 label read off the magnetic tape. On ; output of labels this field is zero. The ; type of label is determined by the TYPE field. ; ; UIC(AP) : The volume UIC passed by value. ; ; STD_VERSION(AP) : The decimal equivalent of the ANSI standard ; version gotten from the VOL1 label, passed ; by value. ; ; ACCESS_CHAR(AP) : The accessibility character specified by the ; user, passed by value. For output of labels ; only. ; ; ACCESS_SPEC(AP) : Determines if the character passed in ACCESS_CHAR ; was specified by user. ; MTA$K_CHARVALID = YES ; MTA$K_NOCHAR = NO ; passed by value. For output of labels only. ; ; TYPE(AP) : Type of accessibility to process, passed by value. ; MTA$K_INVOL1 = Input a VOL1 label ; MTA$K_INHDR1 = Input a HDR1 label ; MTA$K_OUTVOL1 = Output a VOL1 label ; MTA$K_OUTHDR1 = Output a HDR1 label ; ; Output: ; ; None. ; ; Routine value: ; ; On label INPUT the following is returned: ; ; R0 = SS$_NORMAL : Check the VMS protection on the magnetic tape. ; 0 : Give the user full access. VMS protection is ; not checked. ; SS$_FILACCERR : Check for explicit override then check the ; VMS protection. ; SS$_NOFILACC or SS$_NOVOLACC : The user has no access to the file ; or volume, respectively. ; ; When the label is OUTPUT the accessibility character to write is ; returned in R0. ; ;-- DECLARE_PSECT EXEC$PAGED_CODE SYSTEM_SERVICE MTACCESS,- ; $MTACCESS entry point ,- MODE=KERNEL,- NARG=6 MOVZWL #SS$_NORMAL,R0 ; Assume success. MOVL LBLNAM(AP),R2 ; Get address of label to process MOVZBL TYPE(AP),R1 ; Get type of request ASSUME MTA$K_INVOL1 EQ 0 ASSUME MTA$K_INHDR1 EQ 1 ASSUME MTA$K_OUTVOL1 EQ 2 ASSUME MTA$K_OUTHDR1 EQ 3 CMPB STD_VERSION(AP),#3 ; If GTR then process with V4 rules BGTR ACCESS_V4 ; Process accessibility with the rules used for ANSI standard version 3 or less ; magnetic tapes. CASE R1,<- PREV4_INVOL1,- PREV4_INHDR1,- PREV4_OUTVOL1,- PREV4_OUTHDR1,- > RET PREV4_INVOL1: BLBS G^SGN$GL_USERD1,PREV4_NOCHECK ; skip check if flag set CMPB #BLANK,VL1$B_VOLACCESS(R2) ; If blank then return check VMS prot BEQL 10$ MOVZWL #SS$_FILACCERR,R0 ; Else force override of field 10$: RET PREV4_NOCHECK: CLRL R0 RET PREV4_INHDR1: BLBS G^SGN$GL_USERD1,PREV4_NOCHECK ; skip check if flag set CMPB #BLANK,HD1$B_FILACCESS(R2) ; If blank then return check VMS prot BEQL 10$ MOVZWL #SS$_FILACCERR,R0 ; Else force override of field 10$: RET ASSUME MTA$K_CHARVALID EQ 1 ASSUME MTA$K_NOCHAR EQ 0 PREV4_OUTVOL1: PREV4_OUTHDR1: MOVZBL ACCESS_CHAR(AP),R0 ; Assume char valid TSTB ACCESS_SPEC(AP) ; If NEQ then character passed BNEQ 10$ MOVZBL #BLANK,R0 ; Else return a blank 10$: RET ACCESS_V4: CASE R1,<- V4_INVOL1,- V4_INHDR1,- V4_OUTVOL1,- V4_OUTHDR1,- > RET V4_INVOL1: BLBS G^SGN$GL_USERD1,V4_NOCHECK ; skip check if flag set CMPB #BLANK,VL1$B_VOLACCESS(R2) ; if blank give user full access BNEQ 10$ CLRL R0 RET 10$: CMPB #ASCII_1,VL1$B_VOLACCESS(R2) BNEQ 20$ CMPC3 #10,STARID,VL1$T_SYSCODE(R2) BEQL V4_NORMAL 20$: MOVZWL #SS$_FILACCERR,R0 RET V4_NORMAL: MOVZWL #SS$_NORMAL,R0 RET V4_NOCHECK: CLRL R0 RET V4_INHDR1: BLBS G^SGN$GL_USERD1,V4_NOCHECK ; skip check if flag set CMPB #BLANK,HD1$B_FILACCESS(R2) BNEQ 10$ CLRL R0 RET 10$: CMPB #ASCII_1,HD1$B_FILACCESS(R2) BNEQ 20$ CMPC3 #10,STARID,HD1$T_SYSCODE(R2) BEQL V4_NORMAL 20$: MOVZWL #SS$_FILACCERR,R0 RET V4_OUTVOL1: V4_OUTHDR1: MOVZBL ACCESS_CHAR(AP),R0 TSTB ACCESS_SPEC(AP) BNEQ 10$ MOVZBL #ASCII_1,R0 10$: RET .END