| Previous | Contents | Index |
On Alpha and I64 systems, establishes a request for notification when an OpenVMS system event occurs.
SYS$SET_SYSTEM_EVENT event ,astadr ,astprm ,acmode ,flags ,handle
int sys$set_system_event (unsigned int event, void (*astadr)(__unknown_params), int astprm, unsigned int acmode, unsigned int flags, struct _generic_64 * handle);
event
OpenVMS usage: event_code type: longword (unsigned) access: read only mechanism: by value
Event code indicating the type of system event for which an AST is to be delivered. The event argument is a value indicating which type of event is of interest.Each event type has a symbolic name. The $SYSEVTDEF macro defines the following symbolic names:
Symbolic Name Description SYSEVT$C_ADD_MEMBER One or more OpenVMS instances have joined the OpenVMS Galaxy sharing community. SYSEVT$C_DEL_MEMBER One or more OpenVMS instances have left the OpenVMS Galaxy sharing community. SYSEVT$C_ADD_ACTIVE_CPU One or more processors have become active within this OpenVMS instance. SYSEVT$C_DEL_ ACTIVE_CPU One or more processors have become inactive within this OpenVMS instance. SYSEVT$C_ADD_CONFIG_CPU One or more CPUs have been added to the set of available CPUs for this OpenVMS instance. SYSEVT$C_DEL_CONFIG_CPU One or more processors have been removed from this OpenVMS instance. SYSEVT$C_TDF_CHANGE The system's time differential factor has changed. astadr
OpenVMS usage: ast_procedure type: procedure value access: call without stack unwinding mechanism: by 32-bit or 64-bit reference
Notification AST routine to receive control after a change in OpenVMS system configuration occurs.astprm
OpenVMS usage: user_arg type: quadword access: read only mechanism: by value
The quadword AST parameter to be passed to the AST routine.acmode
OpenVMS usage: access_mode type: longword (unsigned) access: read only mechanism: by value
Access mode at which the system event AST is to execute. The acmode argument is a longword containing the access mode.Each access mode has a symbolic name. The $PSLDEF macro defines the following symbols for the four access modes.
Symbolic Name Description PSL$C_KERNEL Kernel PSL$C_EXEC Executive PSL$C_SUPER Supervisor PSL$C_USER User The value of the access mode is maximized with the access mode of the caller.
flags
type: access:
Defined in SYSEVTDEF.
SYSEVT$M_REPEAT_NOTIFY When this flag is set, event notification is repeated. handle
OpenVMS usage: handle type: quadword (unsigned) access: read/write mechanism: by reference
The virtual address of a naturally aligned quadword for the event handle.
The Set System Event service establishes a request for notification when a system event occurs. It may create a new system event notification object, add an event to a new or existing object, and enable notification on a new or existing object.If the handle specified is zero, a new system notification request object is created, and a handle for the new object is returned.
If the event specified is non-zero, that event is added to the set of events which trigger notification on the notification object.
The service will verify that the input parameters specify a valid request and enable the object for notification. Notification is accomplished by AST delivery. After the AST has been delivered, if the SYSEVT$M_REPEAT_NOTIFY flag is not set, notification must again be enabled on the object before another notification (AST delivery) can occur.
Errors are returned in the following cases:
- If quotas are exceeded, an error is returned. It is important to note that this routine returns an error and will not retry an attempt to get quota if quota is exhausted on the first attempt.
- See the Condition Values Returned section for types of errors that can be returned.
- If the astadr argument is omitted, and a new notification object is being created, SS$_BADPARAM is returned.
- If the event argument is incorrectly specified, SS$_BADPARAM is returned.
- If the access mode parameter is more privileged than the mode of the caller, the mode of the caller is used.
- If specified, the handle argument must be writeable from the mode of the caller. SS$_ACCVIO is returned if this is not the case.
None
ASTLM
$CLEAR_SYSTEM_EVENT
SS$_NORMAL The service completed successfully. SS$_ACCVIO The service cannot access the locations specified by one or more arguments. SS$_BADPARAM One of more arguments has an invalid value. SS$_EXASTLM The process exceeded its quota for outstanding ASTs. SS$_INSFMEM The system dynamic memory is insufficient to complete the service.
Registers or extends unwind table (UT) information.
SYS$SET_UNWIND_TABLE code_base_va, code_size, ut_base_va, ut_size, gp_value, unwind_info_base, name
ind SYS$SET_UNWIND_TABLE (unsigned __int64 code_base_va, unsigned __int64 code_size, unsigned __int64 ut_base_va, unsigned __int64 ut_size, unsigned __int64 gp_value, unsigned __int64 unwind_info_base, void *name);
code_base_va
OpenVMS usage: address type: quadword (unsigned) access: read only mechanism: by value
With code_size, defines the potential code range. code_base_va is required for both creation and extension calls. code_base_va is the process virtual address of the start of the code region. code_size is the size of the code region in bytes. An error is returned if this overlaps any existing range.code_size
OpenVMS usage: address type: quadword (unsigned) access: read only mechanism: by value
With code_base_va, defines the potential code range. code_base_va is required for both creation and extension calls. code_base_va is the process virtual address of the start of the code region. code_size is the size of the code region in bytes. An error is returned if this overlaps any existing range.ut_base_va
OpenVMS usage: address type: quadword (unsigned) access: read only mechanism: by value
With ut_size, describes the unwind table (UT). ut_base_va is the process virtual address of the UT and must be quadword aligned. ut_size is the size of the UT in bytes and must be a multiple of the size (24 bytes: 3 quadwords) of an unwind table entry (UTE). The UTEs must describe nonoverlapping code subregions within the overall code region.ut_size
OpenVMS usage: address type: quadword (unsigned) access: read only mechanism: by value
With ut_base_va, describes the unwind table (UT). ut_base_va is the process virtual address of the UT and must be quadword aligned. ut_size is the size of the UT in bytes and must be a multiple of the size (24 bytes: 3 quadwords) of an unwind table entry (UTE). The UTEs must describe nonoverlapping code sub regions within the overall code region.gp_value
OpenVMS usage: address type: quadword (unsigned) access: read only mechanism: by value
Ignored on extension calls, required on create calls. The Global Data Pointer (GP) value for the routines described by these unwind tables.unwind_info_base
OpenVMS usage: address type: quadword (unsigned) access: read only mechanism: by value
Ignored on extension calls; required on create calls. The unwind_info_base plus a particular UTE UIB offset must add up to the process virtual address of that UIB. Typically for static code (activated images from disk), this specifies the process virtual base address of the segment containing the UIBs. However, dynamically generated code, for example, can pass a zero for the unwind_info_base and have the full process virtual addresses of the UIBs in their UTEs.name
OpenVMS usage: pseudo-image-name type: character-code-text-string access: read only mechanism: by descriptor-fixed-length string descriptor
Passed by descriptor (ignored on extension calls). May be used for traceback. Need not be unique. Should be less than 255 characters (will be truncated, otherwise).
This interface can be used to register or extend unwind information. It is expected, for example, that applications that dynamically create code will also need to dynamically create unwind tables (UTs) and unwind information blocks (UIBs) for that code. This interface registers such information with the operating system.The image activator also uses this interface to register unwind information for shareable and main images. Note that the code region, though fully specified in terms of its potential size, need not be full of actual code at its initial registration. The unwind table, however, must describe all the code that could execute within that region and that needs unwind information, at any given time. Note also that the unwind table entries (UTEs) within a registered unwind table must remain sorted (ascending order) at any given time.
To create a new registration, specify a new (not registered) code range. On a creation, all parameters (except name) must be specified.
To extend an existing registration, specify an existing (registered) code_base_va. On extension, only the identifying code_base_va and new UT range need be specified, that is, the other parameters may be zeros. An extension call can only alter that registration's ut_base_va and ut_size.
The creator caller's mode defines the mode from which the registration may be extended or removed.
Failure status is returned on creation if the input code range overlaps an already existing range.
Unwind table information that describes code in process space can be registered from any mode.
Unwind table information that describes code in system space can be registered only from kernel mode or executive mode.
None
SYS$CLEAR_UNWIND_TABLE, SYS$GET_UNWIND_ENTRY_INFO. Also see LIB$GET_UIB_INFO in HP OpenVMS Calling Standard.
SS$_NORMAL Routine completed successfully. SS$_BADPARAM Missing or illegal parameter. SS$_VA_IN_USE Overlap detected. SS$_ACCVIO Name descriptor cannot be read.
Searches for and returns information about records in the intrusion database matching the caller's specifications.
SYS$SHOW_INTRUSION user_criteria ,intruder ,intruder_len ,breakin_block ,[flags] ,[context]
int sys$show_intrusion (void *user_criteria, void *intruder, unsigned short int *intruder_len, void *breakin_block, unsigned int flags, unsigned int *context);
user_criteria
OpenVMS usage: char_string or item_list_3 type: character-coded text string or longword (unsigned) access: read only mechanism: by descriptor--fixed-length string descriptor or by reference
If the CIA$M_ITEMLIST flag is FALSE:The user_criteria argument is the description of intruder or suspect. The user_criteria argument is the address of a character-string descriptor pointing to a buffer containing the user criteria to match an intrusion record's user specification in the intrusion database.
The user_criteria argument is a character string of between 1 and 1058 bytes containing characters to match the user specification on records in the intrusion database.
A user specification is any combination of the suspect's or intruder's source node name, source user name, source DECnet for OpenVMS address, local failed user name, local terminal, or the string UNKNOWN. The user specification for an intrusion record is based on the input to the $SCAN_INTRUSION service and the settings of the LGI system parameter. For more information, see the HP OpenVMS Guide to System Security.
Wildcards are allowed for the user_criteria argument. For more information about using wildcards to scan the intrusion database, see the Description section.
If the CIA$M_ITEMLIST flag is TRUE:
The user_criteria argument is now the address of an 32-bit item list. If the item list is used, one item, the CIA$_USER_CRITERIAL item, must be present in the item list.
The following table lists the valid item descriptions for the user_criteria argument:
Item Description CIA$_OUTPUT_LIST Address of an 8192-byte buffer into which the service writes the associated node information for the returned intrusion record. CIA$_SCSNODE_LIST Address of a list of 8-character null-padded SCS nodenames for which the caller wants to see intrusion information about. CIA$_USER_CRITERIAL Address of a buffer, 1-1058 bytes long, containing the intruder or suspect. If a CIA$_SCSNODE_LIST item is provided, an intrusion record will only be returned if it originated on one of the nodes specified. If a CIA$_SCSNODE_LIST item is not provided, records from all nodes will be candidates for display. Multiple CIA$_SCSNODE_LIST items are permitted in the item list.
If a CIA$_OUTPUT_LIST item is provided, the item is filled with node-count records on return. The returned intrusion record will have a breakin block with a valid attempt-count field. The node-count records will have the name and attempt-count for each node represented.
intruder
OpenVMS usage: char_string type: character-coded text string access: write only mechanism: by descriptor--fixed-length string descriptor
User specification of the matched intruder or suspect record in the intrusion database. The intruder argument is the address of a character-string descriptor pointing to a buffer to receive the user specification of the matched record in the intrusion database.The intruder argument is a 1058-byte string that will receive the user specification of a record in the intrusion database that matches the specifications in the user_criteria and flags arguments.
intruder_len
OpenVMS usage: string length type: longword (unsigned) access: write only mechanism: by reference
Length of returned string in the intrusion buffer. The intruder_len argument is the address of a longword to receive the length of the returned intrusion buffer.The possible range of the intruder_len argument is 0 to 1058 bytes. If the longword specified by the argument contains a 0 after the call to the service, either the service did not find a record that matched the user criteria in the intrusion database, or there are no more matching items in the intrusion database.
breakin_block
OpenVMS usage: record type: block of 2 longwords (unsigned) and 1 quadword (unsigned) access: write only mechanism: by reference
Block to receive various information in the intrusion database about a record matching the user criteria. The breakin_block argument is the address of a structure with the following format:
The following table defines the break-in block fields:
| Field | Description |
|---|---|
| Type |
Unsigned longword containing two pieces of information: the types of
the matched record and the status of the suspect---SUSPECT or INTRUDER.
The possible values for the record type are TERM_USER, TERMINAL,
USERNAME, and NETWORK. The possible values for the status are SUSPECT
or INTRUDER. These constants are defined in $CIADEF in STARLET.
The implication is that each type will have two bits set: one bit represents the status, and the other bit represents the record type. |
| Count | Unsigned longword containing the number of login failures or break-in attempts made by the specified intruder or suspect. |
| Time | Quadword time format indicating the time when the record will expire. |
| OpenVMS usage: | mask_longword |
| type: | longword (unsigned) |
| access: | read only |
| mechanism: | by value |
Each option has a symbolic name. The $CIADEF macro defines the following valid names:
| Symbolic Name | Description |
|---|---|
| CIA$M_ALL | All records will be shown. If the flags argument is omitted, this value is assumed. |
| CIA$M_INTRUDERS | Only intruder records matching the criteria specified by the user_criteria argument will be returned. The value of the flag field in the break-in block will always be 1. |
| CIA$M_ITEMLIST | If FALSE, the user_criteria argument is a character string. If TRUE, this argument is a 32-bit item list. |
| CIA$M_SUSPECTS | Only suspect records matching the criteria specified by the user_criteria argument will be returned. The value of the flag field in the break-in block will always be 0. |
Each of these options is mutually exclusive.
| OpenVMS usage: | context |
| type: | longword (unsigned) |
| access: | write only |
| mechanism: | by reference |
The initial value contained in the unsigned longword pointed to by the context argument must be 0. The contents of the unsigned longword must not be changed after the service has set its value. If the contents of the context argument are changed between calls to the service, SS$_BADCONTEXT will be returned.
Contexts become invalid after one-half hour of non-use. This means that if you call the $SHOW_INTRUSION service with a wildcard in the user_criteria argument and do not call the service to get the next matching record within one-half hour, the context becomes invalid. If the context has become invalid, you must restart your search of the intrusion database from the beginning by resetting the context to 0.
The Show Intrusion service returns information about records in the intrusion database that match the criteria you specify.You can retrieve information about multiple records in the intrusion database by specifying wildcards for the user_criteria argument. For example, specifying an asterisk (*) for the user_criteria argument and CIA$M_ALL_RECORDS for the flags argument will return information about all records in the database. Specifying TTA4* for the user_criteria argument and CIA$M_SUSPECTS_ONLY for the flags argument will return information about all suspects who have had failures on terminal TTA4.
If you specify a wildcard string for the user_criteria argument, you must also include a context argument. Because the service can only return information about one intrusion record at a time, you must call the service repeatedly to retrieve information about more than one record. The service will return SS$_NOMOREITEMS when information about all of the matching records has been returned. No intrusion information is returned from the call that returns SS$_NOMOREITEMS.
SECURITY privilege is required.
None
$DELETE_INTRUSION, $SCAN_INTRUSION
SS$_NORMAL The service completed successfully. SS$_ACCVIO The user_criteria or context argument cannot be read, or the intruder, intruder_len, breakin_block, or context argument cannot be written. SS$_BADBUFLEN The length of one of the specified arguments is out of range. SS$_BADCONTEXT The context argument did not contain a 0 on the first call to the service. The context argument's value changed between consecutive calls to the service. SS$_BADPARAM An invalid value was specified in the flags argument, or mutually exclusive options were specified in the flags argument. SS$_NOMOREITEMS All items matching the specified criteria have been returned. SS$_NOSECURITY The caller does not have SECURITY privilege. This service can also return any of the following messages passed from the security server: SECSRV$_NOSUCHINTRUDER No records matching the specified criteria were found in the intrusion database. SECSRV$_SERVERNOTACTIVE The security server is not currently active. Try the request again later.
| Previous | Next | Contents | Index |