Not all enhancements to z/VM are part of a new release or even a formal IBM announcement letter. This page
is a resource to learn about enhancements going out through continuous delivery for z/VM.
It's also different from formal announcements as it shows work in progress. Think of it as a living preview
announcement for z/VM. As significant changes take place, this page will be updated. Check back
often or subscribe. Note: The z/VM Web site subscription service is intended to provide email alerts
when specific z/VM pages are updated. If you are interested in receiving APAR updates,
click the link for the individual APAR and subscribe to updates on that page.
You may notice that some new functions are actively seeking sponsor users. If you are interested in becoming a sponsor user for a
particular function, visit the z/VM
Sponsor User page for more details. Also important, these and other ideas
from customers and vendors are frequently discussed at the z/VM Council. For
more information and details on how to join, please see the
z/VM Council web page.
Characteristics of a New Function APAR
New Function Information
Name
The name of the project. This can include any previous names the project was known by.
Description
A brief summary of what changes, who it effects, and why you would care.
Status
Along with the current status, this will give indication of key changes since the last iteration of this page.
Target availability
Depending on the project, where it is in the cycle, and other factors, this will list TBD, a quarter, a month, or,
in cases where it has become available, a date. This is not a commitment and as more is learned about the work
and priorities the target availability date will likely be adjusted.
Compatibility
This will describe how compatible an item is. In most cases, this will say 'No known incompatibilities'. It
is not meant to list all details like a migration guide, but to give some indication of what to expect.
Enablement
This will briefly describe how enablement is managed for this Small Product Enhancement. Can it be enabled or disabled?
What is the default? Can it be done dynamically? Is it on a virtual machine basis or system wide basis?
It is not meant to describe all details of that process, but to give an idea of what's involved.
Will also give indication of whether an IPL of the z/VM system is required, or just recycle of virtual machines or new
CMS modules.
Effect
Describes what effect enabling the code may have beyond the compatibility statement above. Such as may slightly
elongate logoff time or CCW translation code paths changed. These are basically meant to be hints as to how the
system may respond or behave differently.
ISV impact
Indicates any impacts to ISV related products that are known, such as "If using a directory manager product, see vendor for required updates."
Linux or hardware interaction
Indicates whether a special level of Linux or hardware is required because of an interaction or dependency.
Environment variable name
If the CP New Function Indication API (APAR VM66439) is installed, the variable name is
used to determine if the function is present on the z/VM system. Variable names are only present on CP New
Function APARs released after the z/VM 7.2 GA date. For non-CP
function, such as CMS, TCP/IP, Performance Toolkit, etc., or CP APARs released prior to z/VM 7.2, there will be no variable associated with the
function and this field will show "N/A". Some new function APARs may introduce more than one environment
variable and/or add new valid values to existing variables. Please see the z/VM
New function Variable List for more information.
This cell has been intentionally highlighted. Cells with this shading have been recently changed.
Release(s)
Indicates the releases planned for this enhancement.
Service details
See below for the IBM service information.
APAR
Information and link to the Authorized Program Analysis Report.
PTF
Information and link to the Program Temporary Fix.
RSU
Information and link to the Recommended Service Upgrade.
Host Exploitation of Crypto Interruptions (Cyrpto Interrupt Support)
Description
This enhancement makes z/VM's APVIRT processing more event-driven. This avoids the overhead of polling by z/VM's control program associated with the previous implementation. This enhancement uses Crypto-related interruptions to achieve this.
Status
Available June 1, 2022
Target availability
May 2022
Compatibility
No known incompatibilities.
Enablement
This support will be enabled after z/VM is IPL'd with the APAR. It cannot be disabled.
Effect
There is no effect to systems that do not use APVIRT. For those with APVIRT, there is a potential performance improvement in terms of the lower IBM Z or LinuxONE processor resources associated with managing APVIRT.
ISV impact
No known impacts.
Linux or hardware interaction
No known Linux or hardware interaction at this time.
A new Active Drain feature will allow moving all pages from in-use PAGE slots off a volume marked DRAIN to other, non-draining, PAGE volumes. This allows PAGE volumes to fully drain and be removed without a system outage.
Status
Currently in development.
Target availability
TBD
Compatibility
No known incompatibilities.
Enablement
TBD
Effect
No known side-effects when not being used. Does require resources to determine page slot content to move and additional I/O proportional to the number of allocate slots that must be drained. IBM intends to provide more details in performance report in the future.
ISV impact
No known impacts at this time.
Linux or hardware interaction
No known Linux or hardware interaction at this time.
To dynamically increase the amount of memory a guest can bring online requires two steps:
1. Raising the maximum in the directory
2. Issuing a DEFINE STORAGE command to add this to the guest's STANDBY memory.
Often step 2 is issued via a COMMAND statement in the directory or in a
PROFILE EXEC. Forgetting to update the DEFINE STORAGE command when the
guest's maximum memory is updated can result in an extra IPL of the
guest. This item will add INITIAL and REMAINDER keyword to the DEFINE
STORAGE command. This will mean all memory from the AS (configured)
amount up to the guest's maximum will be put to STANDBY.
Note that this is different than CP SET RESERVED.
Status
Available March 3, 2021
Target availability
March 2021
Compatibility
No known incompatibilities, but existing commands may need to change to use the new keywords.
Enablement
Apply PTFs and re-IPL z/VM to activate the code. Update existing DEFINE STORAGE command to say DEFINE STORAGE INITIAL STANDBY REMAINDER to use the new support.
Effect
No effect to current usage of DEFINE STORAGE, current keywords will remain unchanged.
Enhances z/VM service process by allowing service to be applied in a multiple z/VM system environment (without SSI)
from a centralized system. This initial effort would apply to the z/VM base system and associated priced
features.
Status
Available September 18, 2020
Target availability
September 18, 2020
Compatibility
No known incompatibilities.
Enablement
Install 7.2 release on all z/VM systems that will be centrally managed. Inititialize and configure master and target z/VM systems. Initially, CSM will not be supporting z/VM systems within an SSI cluster.
Effect
While it adds more options to service process, if not using the new capability, there should be only minor effects to current usage.
ISV impact
No known impacts at this time.
Linux or hardware interaction
No known Linux or hardware interaction.
Environment variable name
N/A
Release(s)
z/VM 7.2 Base
Service details
N/A part of z/VM 7.2 base
APAR
N/A
PTF
N/A
RSU
N/A
CSM fixpack
Name
Centralized Service Management (CSM) fixpack
Description
Enhancements are planned for the Centralized Service Management (CSM) and is a collection of multiple follow-on functionality improvements. There are four specific enhancements planned each as described below.
Improvements to the SERVMGR QUERY command which will allow queries specific to individual components in a service level rather than output for all components being given on every command invocation.
The SERVLVL QUERY command will be expanded to allow wildcard (*) support, allowing mutilple service levels in a CSM to be queried together under one command.
Adding the ability to query CSM managed systems for current PUT2PROD state. If a Pending Service Level has stalled during PUT2PROD, CSMQUERY now allows a query option to retrieve the $PRODS file and display the contents in human-readable format.
A modification to the way localmods are output during a query.
Status
Available September 16, 2022
Target availability
September 2022
Compatibility
No known incompatibilities.
Enablement
Apply PTFs and re-IPL z/VM to activate the code.
Effect
No known effect.
ISV impact
No known impacts at this time.
Linux or hardware interaction
No known Linux or hardware interaction.
Environment variable name
N/A
Release(s)
z/VM 7.3 Base
Service details
N/A part of z/VM 7.3 base
APAR
N/A
PTF
N/A
RSU
N/A
CMS Tape Block Size Increase
Name
CMS Tape Block Size Increase; Increase the block size that CMS supports for tape devices
Description
This enhancement increases the block size supported by CMS native tape I/O functions from 64K-1 (65,535 bytes) to roughly 1 Megabyte (1,114,094 bytes).
Status
Available November 14, 2023
Target availability
November 2023
Compatibility
No known incompatibilities. However, the block size supported by CMS OS simulation does not increase beyond the current 64K-1 (65,535 bytes) limit.
Enablement
This support will be enabled after the APAR is applied. It cannot be disabled.
Effect
There is no effect on systems that do not exploit the new capabilities.
ISV impact
This may enable ISV software to take advantage of larger tape block sizes.
CP New Feature Interrogation API (CP New Function Indication API)
Description
Provides an interface for interrogating whether a named capability is present in
the running CP system. This enhancement simplifies scripting and
automation written by customers and vendors sensitive to the function
level of CP. It facilitates adaptation of vendor products to varying CP
code levels.
The CP QUERY DEVICES project adds the DEVICES subcommand of the QUERY command to report real device settings established by the DEVICES configuration statement and the SET DEVICES command. The objective of the CP QUERY DEVICES project is to allow clients to confirm that device settings are as intended. It is an extension of the existing support that is intended to simplify configuration management and problem determination.
Status
Available December 8, 2020
Target availability
December 2020
Compatibility
No known incompatibilities.
Enablement
Installation and re-IPL of the z/VM system required.
CPU Measurement Facility Host Sampler Exploitation
Name
CPU Measurement Facility Host Sampler Exploitation
Description
A z/VM system programmer can exploit existing hardware sampling to help IBM Service shed light on an LPAR's performance behavior.
System programmer uses IBM Z CPU Measurement Facility to capture data associated with the performance experience of processors, caches, and memory
System programmer sends collected data to IBM for analysis
Status
Currently in development.
Target availability
TBD
Compatibility
No known incompatibilities.
Enablement
A new CP command to initialize and control data collection
Directory statement to authorize access to the Sampler-specific DCSS for data capture
To be used only under IBM direction
Effect
While the capability is not in use, there should be no performance effects. Real memory must be temporarily reserved for use during the measurement and data extraction process, and can then be returned to general use. Performance impact during this period is to be studied during development.
ISV impact
No known impacts at this time.
Linux or hardware interaction
No known Linux interaction. CMS tools to dump and pack experiment data. z13 or later hardware is required.
The Crypto Stateless-Command Filtering enhancement provides support for the Stateless-Command Filtering (SLCF) facility available on CEX8C adapters.
z/VM's exploitation of this new hardware capability will replace the crypto stateless command filtering performed by z/VM for APVIRT crypto users,
thus eliminating the need for future z/VM updates to allow new stateless CCA operations.
Status
Available May 12, 2023.
Target availability
June 2023
Compatibility
No known incompatibilities.
Enablement
Apply PTFs and re-IPL z/VM to activate the code.
Effect
APVIRT crypto users can exploit new stateless CCA operations.
ISV impact
No known impacts at this time.
Linux or hardware interaction
A CEX8S adapter configured in CCA Coprocessor mode is required to exploit this enhancement.
The Diff and Patch tool for CMS is an implementation of the unified DIFF and PATCH
using the unified diff format. The DIFF utility generates a diff file from two input
files, while the PATCH utility applies the changes from an input diff file to an
input source file. Diff files can be distributed and applied to other copies of the
original source file to apply these changes, much like the XEDIT update facility.
Status
Currently in Development
Target availability
First Quarter 2025
Compatibility
No known incompatibilities.
Enablement
Apply PTF and re-IPL to activate the code.
Effect
No known effect.
ISV impact
Vendors will need to use the Diff and Patch tool to implement code changes for their products that are integrated with z/VM. In a future release, z/VM will be removing sequence numbers and adopting full-part replacement. Note: z/VM 7.4 will still include sequence numbers.
Linux or hardware interaction
The intent is to provide a platform-agnostic solution to update z/VM parts, which may be executed on either the CMS operating system or on UNIX/Linux.
Environment variable name
N/A
Release(s)
z/VM 7.4 New Function APAR
Service details
See below for the IBM service information.
APAR
TBD
PTF
TBD
RSU
TBD
Digital Signature Verification (DSV) of z/VM Service Packages
Name
Digital Signature Verification (DSV) of z/VM Service Packages
Description
Tool provided to verify the authenticity and integrity of the z/VM Service packages.
Status
Available March 9, 2024
Target availability
First Quarter 2024
Compatibility
No known incompatibilities.
Enablement
With the PTF for the APAR installed, the verification will be done by GetShopz. GetShopz option to be provided to verify service packages transferred to z/VM without GetShopz.
Effect
The verification will now be done by default with GetShopz.
This new function provides an optional way to transfer service to your
z/VM system. A new web interface will simplify downloading z/VM
service ordered through IBM Shopz. The service files can be transferred
either through direct-to-host connection or uploading the files from a
workstation. The data is verified and unpacked during transfer to the
z/VM host system.
Status
Available August 31, 2021
Target availability
September 2021
Compatibility
No known incompatibilities.
Enablement
Apply PTF, configure SSL, ensure enough space is available for the
service you want to transfer, run CMS program using the MAINT720 user ID
to transfer the service files.
DirMaint uses volume sizes when managing minidisk allocation. Prior
to this support, the size of a volume was defined based solely on the
device type. The device type and its size were defined either in a
DEFAULTS DATADVH data file maintained by IBM or within the DEFAULTS
section of the EXTENT CONTROL file when updated by the installation.
Basing size solely on the device type can lead to incorrect assumptions
for maximum size of a volume and lead DirMaint to fail minidisk
allocation because the size of the device type does not match the
actual size of the volume.
This support enhances DirMaint to use CP QUERY DASD DETAILS to obtain
the maximum size of volumes. DirMaint queries the DASD details when it
builds the VCONTROL file for the volume. The VCONTROL file is used
during minidisk allocation. DirMaint performs this query for volumes
defined in the EXTENT CONTROL file or the source user directory. The
size is obtained for volumes attached to the system on which the DIRMAINT
server is running and in an SSI environment from the systems where
satellite servers are defined. If the size of the volume cannot be
obtained then the device type size as specified in the DEFAULTS DATADVH
data fle or the DEFAULTS section of the EXTENT CONTROL file is used.
Status
Available September 16, 2022
Target availability
September 2022
Compatibility
No known incompatibilities.
Enablement
This support is automatically enabled.
Effect
The construction of VCONTROL files as part of reload the EXTENT CONTROL file (RLDEXTN command) will take a little bit longer in an SSI environment as the DIRMAINT server performs the CP queries on the SSI members. The construction is performed when the RLDEXTN command is issued on once a day as part of new day processing.
ISV impact
No known impacts.
Linux or hardware interaction
No known Linux or hardware interaction.
Environment variable name
N/A
Release(s)
z/VM 7.3 Base
Service details
N/A part of z/VM 7.3 base
APAR
N/A
PTF
N/A
RSU
N/A
DirMaint Health Checker
Name
DirMaint Health Checker
Description
This support provides an automated set of procedures to validate the
configuration and health of the DirMaint servers on a daily basis and on
demand. The tests are orchestrated by the DirMaint server and run on
the DirMaint server, datamove and satellite servers. Installation
support are notified of the results of the tests.
Status
Available December 11, 2020
Target availability
December 2020
Compatibility
No known incompatibilities.
Enablement
The DirMaint configuration files control whether the tests are
automatically run. Defaults are provided in that automatically run the
tests once a day as the result of DirMaint New Day processing (dirven by
the DVHNDAY exec). The installation may specify:
who to contact with the results of the tests,
whether to send the results: always, on a significant warning/error, on any warning.
which DirMaint servers to test,
which tests to run,
modifications to individual test parameters in order to change defaults.
In addition to being automatically run, the health checker can be
invoked by the new IVP command. If submitted to the DirMaint machine,
the health checker will check the health of the DirMaint server and any
configured datamove and satellite servers. The command can also be
invoked from the console of a datamove or satellite server to only check
the health of that server.
Effect
The DirMaint Health Checker code is automatically driven daily as part of DirMaint New Day processing (driven by the DVHNDAY exec).
Performance improvements to DirMaint processing of user and server
requests. Additional tests related to performance and reliability are
added to the Automated IVP that was introduced as a new function APAR
for z/VM 7.2 in December 2020.
Status
Available March 16, 2022
Target availability
March 2022
Compatibility
As part of this support, DirMaint monitor files introduced with the IVP support in December 2020 will be maintained on the A-disk of the DirMaint server for each DirMaint server (DIRMAINT, satellite and datamove server) rather than only on the DIRMAINT server's E disk.
Enablement
Applying this support and restarting the DirMaint servers enables the support.
Dynamic Memory Downgrade, also known as Memory or Storage Reclamation, extends the real storage dynamic management characteristics of z/VM to include removing up to 50% of the real storage from a running z/VM system. Previous versions of z/VM allow adding storage dynamically, but not removing it.
Status
Available August 6, 2021
Target availability
August 2021
Compatibility
Several commands associated with dynamic memory management will have incompatible changes.
Enablement
Applying PTFs will enable code, use of new function will be from commands and configuration file settings.
Requires an IPL of the z/VM system to activate the code for this PTF.
Effect
Most mainline paths are unaffected by these changes, but code paths for initialization and adding memory have significant
changes.
ISV impact
Some monitor changes are needed. Fields in the RSMBK control block will change offsets. If you have a performance product, please see your vendor.
Linux or hardware interaction
Will require z14 or higher. No known Linux interaction at this time.
The component responsible for path management in the SCSI-FCP device
driver has been upgraded in the areas:
Path selection
Path state tracking
Path health checking
New path optimization means better path selection when
ALUA storage
devices are in use and internal changes to the state machine should
provide the user a more robust system. Externals have also been changed to
accommodate additional path states and status information.
Status
Available August 31, 2021
Target availability
August 2021
Compatibility
No known incompatibilities.
Enablement
Apply PTFs and re-IPL z/VM to activate the code.
Effect
No known effects at this time when ALUA storage devices are not in use but expect EDEV path selection to have significant updates to code. Expands the usage of 'QUERY EDEV <rdev>'.
ISV impact
Some monitor changes are needed. If you have a performance product, please see your vendor.
Linux or hardware interaction
No known Linux interaction. ALUA storage devices would be needed to take advantage of path optimization.
When an ESM is present, programs can use the ESM for all SMAPI
authorization decisions at the same granularity used with the SMAPI
existing authorization mechanism. The ESM logs the decision (or not)
that is based on its active policy, without SMAPI knowledge or
intervention.
When an ESM defers its authorization decision to SMAPI, one of the
following actions are taken based on a configuration option:
SMAPI's authorization decision uses the existing authorization
process. SMAPI calls the ESM to log the decision in the ESM-managed
security log. SMAPI has no knowledge if the ESM audit logging is
enabled or disabled.
SMAPI treats the request as unauthorized.
Status
Available September 27, 2018
Target availability
September 2018
Compatibility
Properties in the DMSSICNF COPY file control the ESM authorization
setting. If you are migrating from a release prior to z/VM 7.1, the
contents of your DMSSICNF COPY file will include duplicates of
properties found in the IBMCNF COPY file. You can remove from DMSSICNF
COPY any properties that are also found in IBMCNF COPY.
Enablement
First, configure your ESM to control system APIs by (a) enabling the
FACILITY class and (b) creating new ESM profiles which map to your
desired security policy. Your ESM will not need to be restarted;
however, a REFRESH may be necessary for updated policy to be
detected.
Then, update DMSSICNF to indicate either Authorization_Policy =
Authorization_Policy_EsmList (default) or Authorization_Policy =
Authorization_Policy_EsmOnly.
External Security Manager (ESM) Control of DEFINE MDISK Command
Description
Addition of CP and RACF support to allow CP DEFINE MDISK to be a command
controlled by an External Security Manager.
Status
Available September 16, 2022
Target availability
September 2022
Compatibility
No known incompatibilities.
Enablement
After application of the PTFs, security administrators may define
controls upon the DEFINE MDISK command, and permit users to access same.
In the case of RACF/VM, this would be accomplished via:
Some dumps CP takes include large structures (frame table and/or
pageable PGMBKs) to aid diagnosis of memory management problems. A new
"DISTILL" option on DUMPLOAD extracts an abridged dump omitting these
structures from a hard abend dump or snapdump on spool. This smaller
dump is easier to manage and faster to transmit to IBM, allowing
diagnosis to begin sooner. The complete dump remains in spool and can
be loaded and sent later if needed.
Provides new operands to z/VM FlashCopy commands to allow FlashCopy
relationships between PPRC
primary devices without affecting the PPRC
status of the target devices. This particularly avoids
PPRC suspend conditions on
the target device of the FlashCopy.
Status
Available October 15, 2020
Target availability
October 2020
Compatibility
No known incompatibilities.
Enablement
Apply PTFs and re-IPL z/VM to access the new operands.
Effect
Preserve Mirror prevents FlashCopy from affecting full duplex PPRC relationships.
ISV impact
No known impacts at this time.
Linux or hardware interaction
Disk hardware must support preserve mirror to be able to exploit the new operands. Command response will indicate if specified devices do not support the feature.
Four TB Main memory support, would support the definition and use of real memory up to the four TB line for first level z/VM systems. Over-commitment of total virtual memory across all guests beyond four TB would be supported. The per guest limit of one TB of virtual memory would remain unchanged.
Status
Available March 3, 2021.
Target availability
March 2021
Compatibility
No known incompatibilities.
Enablement
LPAR would need four TB memory defined.
Effect
TBD
ISV impact
No known impacts at this time.
Linux or hardware interaction
No known Linux interaction at this time. System needs enough paging DASD to support >4 TB paging.
March 22, 2021: z/VM customers with RACF installed will receive message VMFAPP2120W indicating that rework is required for part HCPRPP TXT when applying the PTF for APAR VM66173. See March 22, 2021 z/VM Red Alert for more details.
July 1, 2021: APAR VM66173 (PTF UM35834) for 4TB REAL MEMORY SUPPORT is in error. Apply PTF UM35556 for APAR VM66289 as soon as possible. See July 1, 2021 z/VM Service Red Alert for more details.
GetShopz ServiceLink Support
Name
GetShopz ServiceLink Support
Description
Provide support in GetShopz for direct to host transfer of service packages from IBM ServiceLink. GetShopz currently has the function to securely transfer z/VM service packages directly from Shopz. This new function APAR will provide the same ability for orders from ServiceLink.
Status
In development; soliciting sponsor user input.
Target availability
First Quarter 2025.
Compatibility
No known incompatibilities.
Enablement
With the PTF for the APAR installed, the GetShopz program will support direct to host transfer of service packages from ServiceLink.
Greater than 1TB Guest Support; >1TB Guest Support
Description
Support guests that are defined with more than 1TB of memory, subject to a set of documented guidelines and considerations.
Status
Available August 28, 2023
Target availability
September 2023
Compatibility
This support is upward compatible. While there is no associated code change, it is advisable to apply the PTF UM90339 for the APAR associated with the "Large Guest LOGOFF Reset Time Mitigation" function prior to exploiting this capability.
Enablement
Enabled when such a guest is defined.
Effect
Guests can exploit larger memory, subject to some considerations.
ISV impact
To exploit large memory effectively with Oracle, patch 33787325 should be applied.
Linux or hardware interaction
No known Linux or hardware interaction at this time.
Allows client to use the DEFINE HYPERPAVALIAS command to define and associate virtual HyperPAV Alias devices with Base minidisks defined with the MDISK directory statement from real cylinder 1 to END.
Status
Available December 8, 2020
Target availability
December 2020
Compatibility
No known incompatibilities.
Enablement
Apply PTFs and re-IPL z/VM to activate the code.
MDISK user directory statement defining Base device from real cylinder 1 to END and DEFINE HYPERPAVALIAS command. User directory example:
COMMAND DEFINE HYPERPAVALIAS 2F0 FOR BASE 200
MDISK 200 3390 1 END SW2112 MWV
Effect
Protects real volume label and allocation map by preventing access from guest virtual machine.
ISV impact
No known impacts at this time.
Linux or hardware interaction
Linux guest must be configured to exploit HyperPAV Base and Alias devices.
Provide support to allow guest secure IPL (load and dump) for both ECKD and SCSI devices. A z/VM user
can request that the machine loader validate the signed IPL code by using the security keys that were
previously loaded by the customer on the HMC certificate store. The validation ensures that the IPL
code is intact, unaltered, and originates from a trusted build-time source.
Status
CP and DirMaint support available May 18, 2023; SMAPI support available June 30, 2023.
Target availability
June 2023
Compatibility
No known incompatibilities.
Enablement
The program to be loaded must be signed and at a level that supports secure IPL. The HMC certificate store must be
loaded with any necessary matching security certificates. Then the SET LOADDEV or SET DUMPDEV command must be issued
to set the appropriate LOADDEV or DUMPDEV parameters that includes the SECURE option. The IPL command is then issued
to request a secure list-directed IPL.
Effect
The machine loader will use the certificates in the HMC certificate store to validate that the signature of the code being loaded matches the signature on the program.
ISV impact
Directory maintenance products like DirMaint and SMAPI may be affected although the changes made are upwardly compatible. Check with your vendor for updates.
Linux or hardware interaction
New levels of both hardware and Linux are required if the guest is to do a secure IPL.
This project exploits DASD zHPF I/O, when available, when writing CP
Hard Abend and Snap Dumps to CP Dump / Spool space. The goal is to
reduce the amount of time a system is unavailable while a dump is being
taken, before the system is re-IPLed. This will shorten
unplanned outages on systems with large amounts of real memory. This
can be especially advantageous combined with the
Fast z/VM Dump Distiller project, which
reduces the time required to load and send a dump to IBM for diagnosis.
Status
Available March 1, 2021
Target availability
March 2021
Compatibility
No known incompatibilities.
Enablement
Apply PTF and rebuild CPLOAD MODULE. Also requires zHPF to be enabled on storage controller containing dump spool space.
Effect
Reduced time to take CP Hard and Snap Dumps. This enhancement has potential to reduce elapsed dump time by about 50%. Customers' actual results will depend upon their workloads and configurations.
ISV impact
No known impacts at this time.
Linux or hardware interaction
zHPF must be enabled on storage controller that contains the dump spool space. No Linux interaction.
For ETHERNET VSwitches, support has been added to collect and report IPv6
addresses on the Query Vswitch, Query Virtual NIC and DIAG 26C. As
IPv6 usage becomes more prevalent, this information will be more
important for diagnostics. In addition, the VSwitch Unicast IP table
structure has changed from a linked list to a hash table.
Status
Available August 11, 2021
Target availability
August 2021
Compatibility
No known incompatibilities.
Enablement
Apply PTF and re-IPL z/VM to activate the code.
Effect
The Unicast IP hash table will allow for more efficient table searches.
A new CMS password/key management utility -- KEYVAULT -- is planned to allow applications to securely store and retrieve user ID keys (logon passwords) that are needed for data transfers (such as using FTP/FTPS) or automated login procedures.
Large Guest LOGOFF Reset Time Mitigation; Mitigate Effects of Guest Memory Reset Time on Logoff
Description
Reduce the amount of time that a large guest is unavailable for LOGON because of
memory reset during LOGOFF.
Status
Available August 28, 2023
Target availability
August 2023
Compatibility
Once a guest enters the memory reset phase, its virtual devices have been
released and it can be logged on again. The old instance of the guest is still
in memory reset, but its user ID has been translated to lower case and it
cannot be observed except by the QUERY NAMES, INDICATE PAGING, and LOCATE VMDBK
commands, all of which will report its status as "LOGOFF" or, for QUERY NAMES,
"LOF". The response to INDICATE PAGING has a new column appended to report the
guest status (either "LOGOFF" or "---").
Enablement
Apply PTFs and re-IPL z/VM to activate the code.
Effect
Because the memory reset process is underway for the old guest, its memory
demand will still exist but will decrease over time. Restarting a memory-intensive
workload on the guest may not be advisable unless there is adequate real memory
configured to accommodate that. The intention is to allow a new instance of the
guest to be activated prior to the completion of memory reset so that configuration,
operating system or application maintenance can be applied without delay.
Improved Live Guest Relocation for Mixed-Level Crypto Environments. Formerly known as, LGR Improvements for APVIRT, and Mixed-APVIRT LGR.
Description
This support enables successful Live Guest Relocation (LGR) for
APVIRT crypto users when the type of the shared crypto resource on the
source system does not match the type of shared crypto resource on the
target system. QUERY VIRTUAL CRYPTO on any system in a relocation
domain will report the lowest level of crypto express adapter available
in the shared pools of all systems in a relocation domain. By reporting
the functional capability of the lowest level adapter, APVIRT crypto
users are able to determine the level of functionality that can be
used to enable relocation between systems in the relocation domain
without using the FORCE ARCHITECTURE option.
Status
Available August 11, 2021
Target availability
August 2021
Compatibility
When running in an SSI environment, QUERY VIRTUAL CRYPTO will report the lowest level of shared crypto express adapter available in a relocation domain.
Enablement
IPL the z/VM system with the LGR Improvements for APVIRT support to activate.
Effect
In an SSI environment with mixed levels of Crypto Express adapters and guests in relocation domains that span those mixed levels, they will see the lower level attributes even when running on the member with the higher level Crypto Express (with all members having the PTF applied). When a subset of the members have the PTF applied, there will be a mixture of the rules in place, dependent on the source and target of an relocation. Additional information will be available when the PTF is released. No effect when not in an SSI environment.
ISV impact
No known impacts at this time.
Linux or hardware interaction
Linux currently uses the results of an AP crypto instruction to determine the level of function available in a relocation domain. No updates to Linux are required.
This enhancement allows the file mode of the Monitor data file collected by MONWRITE to be specified so that they are no longer restricted to being written to the A-disk.
Status
Available November 14, 2023
Target availability
December 2023
Compatibility
No known incompatibilities.
Enablement
This support will be enabled after the APAR is applied. It cannot be disabled.
Effect
There is no effect on systems that do not use the new option. MONWRITE will continue to write Monitor data files to the A-disk unless the command invocation is changed.
Multi-target PPRC allows both a local and a remote target. One Metro
Mirror target could be in the same data center as the local production
to protect from a single storage controller failure. A secondary
Metro Mirror or Global Mirror target could be in a separate location
to protect against a more widespread issue that affects the entire
local data center.
Multi-Target PPRC is currently supported by z/VM. However, all PPRC
target (secondary) devices must reside in subchannel set zero (the
default subchannel set). The new z/VM support will add support for up
to 3 alternate subchannel sets allowing each PPRC secondary target
device of a Multi-Target primary device to exist in a separate
alternate subchannel set. This support will also allow Alias devices
associated with each secondary target device to reside in the
secondary device's corresponding alternate subchannel set. This
support will be interlocked with related GDPS xDR support.
With this enhancement, the aliases of the primary devices must reside
in the same subchannel set as their base devices, even if that is the
default subchannel set 0. This differs from the z/OS implementation
where all aliases can exist in a separate alternate subchannel set.
Status
Available September 18, 2020
Target availability
September 18, 2020
Compatibility
The concept of logical subchannel set 1, no matter the real subchannel
set ID, will be removed in the VM externals. A real device defined in
an alternate subchannel set will maintain its real subchannel set ID,
even after a Hyperswap. There will however still be the concept of an
Active vs. Stand-by set of DASD devices.
Enablement
Installation and re-IPL of the z/VM system required.
Effect
No effect when not exploiting the new capability, but will impact any client who exploits VMs current alternate subchannel set support.
ISV impact
No known ISV impacts.
Linux or hardware interaction
No known Linux interaction. Does require storage server that allows mutli-target PPRC.
Environment variable name
N/A
Release(s)
z/VM 7.2 Base
Service details
N/A part of z/VM 7.2 base
APAR
N/A
PTF
N/A
RSU
N/A
NVMe EDEVICE Support for z/VM
Name
NVMe EDEVICE Support
Description
This support allows Non-Volatile Memory Express (NVMe) devices connected via PCI Express (PCIe) adapters to be defined and managed as Fixed-Block Architecture (FBA) emulated devices (EDEVICEs).
Status
Available September 16, 2022
Target availability
September 2022
Compatibility
FEATURES ENABLE PCI is no longer required - PCI support is always enabled and FEATURES ENABLE PCI and FEATURES DISABLE PCI are accepted but ignored.
Enablement
Install PCIe adapter and NVMe device. Define device with SET EDEVICE command. Customer is responsible for acquiring a supported NVMe SSD and for device monitoring and management. A sample CMS-based monitoring utility is provided.
Effect
TBD
ISV impact
Monitor records are enhanced and produced in new combinations, reflecting support for multiple HyperPAV bases and aliases associated with a single EDEVICE.
Performance Toolkit Support for Simultaneous Multi-Threading (SMT)
Description
This enhancement provides new reports within the Performance Toolkit
Feature in support of SMT. New reports will display SMT metrics for each
core in a partition, and for each core type. Reports will also display
the three views of user processor time: raw time, MT-1 equivalent time,
and prorated core time. These reports will assist in understanding
processor usage and efficiency.
Status
Available December 8, 2020
Target availability
December 2020
Compatibility
No known incompatibilities.
Enablement
Apply PTF and recycle Perfkit to pick up SMT enhancements.
The z/VM Performance Data Pump extends Performance Toolkit with the ability to extract real-time performance data and send that to enterprise
observability products for visualization and analysis, leveraging the customer processes for alerting and reporting. The Data Pump includes
support for Splunk. For customers who can use open source, a solution is demonstrated using InfluxDB and Grafana. Sample dashboards for Grafana
will be provided. The IBM Z Container Registry offers container images for use with Linux on z/VM.
Status
Available August 12, 2023
Target availability
August 2023
Compatibility
No known incompatibilities.
Enablement
In addition to installing the PTF, customers will define an extra CMS virtual machine for the Data Pump and create a minimal configuration file.
Splunk users need to define an event collector and index for the VM performance data and define the required reports and dashboards. To use
Grafana dashboards, users need to deploy and configure InfluxDB and Grafana instances or use an existing installation.
Effect
The Data Pump is technically independent of the current PERFSVM function. Customers can run either PERFSVM or the Data Pump, or both, depending on the requirements.
ISV impact
No known impacts.
Linux or hardware interaction
The Data Pump runs in a CMS virtual machine. To run InfluxDB and Grafana containers in a Linux guest on z/VM, Podman or Docker is needed.
Preserve Partial Dump Across Initial Program Load (IPL)
Description
Preserving partial dumps caused by a re-IPL of the partition before the dump completion. Currently, dumps which are terminated by a re-IPL of the partition are not preserved across the re-IPL.
Provides support in z/VM TCPIP for querying ceritficates within a specific GSKKYMAN certificate database. The query will list certificate labels and display certain attributes of the certificates. This item is part of the z/VM TCP/IP Streamlined SSL Configuration project.
Status
Available December 10, 2021
Target availability
December 2021
Compatibility
No known incompatibilities. While new interfaces may be introduced, there is currently no intention to remove existing interfaces, programmatic or otherwise.
Enablement
A new CERTMGR command will be shipped with a QUERY option. The CMS DEFAULTS command will be used for setting the defaults certificate database.
Provide support to allow host secure IPL of SAPL and CPLOAD for both ECKD and SCSI devices. A
z/VM administrator can request that the machine loader validate the signed IPL code by using
the security keys that were previously loaded by the customer on the HMC certificate store.
The validation ensures that the IPL code is intact, unaltered, and originates from a trusted
build-time source.
Additionally, provide support for a local code-signing facility which can securely maintain
private keys for code signing purposes. This facility must be used to re-sign code after
modification of the hypervisor kernel, either for local modifications or for the application
of service.
Status
Currently in Design
Target availability
TBD
Compatibility
No known incompatibilities.
Enablement
SAPL and CPLOAD must be signed and at a level that supports Host Secure IPL. The HMC certificate
store must be loaded with any necessary matching code-signing certificates. A secure
list-directed IPL must be issued to load the hypervisor kernel for validation. If CP is modified
by local installations, updated by vendors, or extended via CPXLOAD, local signing with a
customer-provided private key will be required. Recommendations and guidance on signing and
validation will be provided by IBM.
Effect
The machine loader will use the certificates in the HMC certificate store to validate that the signatures of SAPL and CPLOAD match the signatures on the program.
ISV impact
For vendor products which provide new signed text decks for CPXLOAD, the vendor must provide a public key for inclusion by the customer on the HMC.
Linux or hardware interaction
IBM z16 or IBM LinuxONE 4 with appropriate service levels applied.
This item will provide a centralized 'collector' program which gathers
security-relevant configuration information from the running z/VM system
and its services and provides them to a system programmer or
security administrator via a single pane of glass. This item will also
provide an API (via SMAPI) by which z/VM management programs, or
compliance programs, can collect this data if authorized.
Status
Available June 26, 2023
Target availability
June 2023
Compatibility
No known incompatibilities.
Enablement
After application of PTF, an authorized virtual machine may execute the
function via issuance of the relevant invocation string. Program will
detect how (or if) security relevant features are enabled.
Configuration and control of SMAPI will be required in order to use the
API functionality provided by this item.
Effect
TBD
ISV impact
Directory manager and/or security manager software provided by vendors may need additional enablement support in order to provide data via this interface.
Linux or hardware interaction
API support is intended for use by the IBM zSCC (Security & Compliance Center).
This enhancement allows the control program identification provided by z/VM guests to be displayed,
similar to the HMC Systems Management "Partitions" display. It also provides this information in
Monitor domain 1 sample configuration record 15 (MRMTRUSR), "Logged on User" and in new domain 4
event record 14 (MRUSESCP), "SCP Identification". CMS is enhanced to provide its control program
identification to z/VM.
Status
Available 23, 2024
Target availability
April 2024
Compatibility
No known incompatibilities.
Enablement
This support will be enabled after z/VM is IPL'd with the APAR. It cannot be disabled.
Effect
There is no effect on normal system operation.
ISV impact
No known impacts.
Linux or hardware interaction
No known Linux or hardware interaction at this time.
This project augments REXX Sockets with additional
IOCTL functions to support TLS, adds
support for IPv6, improves Domain Name Server support, implements two
new socket functions and enhances diagnostics. As a side-effect, it
also removes addressability constraints, allowing code to be added
easily and naturally in future.
Status
Currently in test; soliciting sponsor user feedback
Alternate paths can be defined for list-directed SCSI IPL via the SET LOADDEV command and the User Directory LOADDEV statement. If IPL fails using the primary path, alternate paths will be used automatically.
SET EDEVICE Optional LUN Specification will allow the LUN operand on the
SET EDEVICE command and the EDEVICE system configuration statement to
be optional after the first path has been established.
Status
Available December 8, 2020
Target availability
December 2020
Compatibility
No known incompatibilities.
Enablement
Apply PTFs and re-IPL z/VM to activate the code.
Effect
No effect on current SET EDEVICE command or EDEVICE statement.
A new z/VM System Management API (SMAPI) called System_FCP_EQID_Set is
created to provide a SMAPI API to enable modification of device
equivalency IDs (EQID) for real FCP Adapter devices. This new API is
particularly beneficial for customers who use SCSI disks connected via
FCP (not edevices) and desire to utilize Live Guest Relocation (LGR) in
an SSI environment.
Status
Available September 23, 2022
Target availability
TBD
Compatibility
No known incompatibilities.
Enablement
Apply PTFs and re-start SMAPI to activate the code.
Effect
No known effect.
ISV impact
No known ISV impacts.
Linux or hardware interaction
No known Linux or hardware interaction at this time.
The Spool Information Enhancements project enhances spool subsystem
interfaces to provide additional information. Its objective is to
enable spool management software such as z/VM Operations Manager to
facilitate client DASD migration and backup activities. These
extensions to the existing interfaces will allow clients to manage spool
files and volumes more effectively.
Status
Available March 1, 2021
Target availability
March 2021
Compatibility
No known incompatibilities.
Enablement
Apply PTFs and re-IPL z/VM to activate the code.
Effect
Diagnose X'D8' can return information indicating which CP-owned volumes
contain at least one page of a designated spool file.
Diagnose X'D8' and the *SPL IUCV System Service can process spool files
on the System Data File (NSS/DCSS, UCR, IMG, NLS, and TRF files) queue.
ISV impact
No known impacts at this time, although ISVs may choose to exploit the new functions to deliver new capabilities.
Linux or hardware interaction
No known Linux or hardware interaction at this time.
This New Function APAR increases the maximum size of a Single System
Image (SSI) cluster from four members to eight members. Four-member
clusters may be installed initially, and then additional members may be
added to the cluster. This will allow customers to grow their SSI
clusters to allow for more workload, and more flexibility in using live
guest relocation (LGR) for non-disruptive upgrades and workload
balancing.
Part of z/VM 7.3 base. See pre-requisisite service below.
APAR
N/A
PTF
N/A
RSU
N/A
Support Larger NVMe EDEVICE Page Space Allocations
Name
Support Larger NVMe EDEVICE Page Space Allocations
Description
Allow paging space to be allocated anywhere on an NVMe EDEVICE and to be of any size up to the available capacity. Requires a corresponding ICKDSF APAR to Enhance CPFMTXA to enhance FBA allocation.
Status
Available August 22, 2023
Target availability
August 2023
Compatibility
This support is upward compatible. It depends on an updated version of ICKDSF.
Enablement
Enabled when the PTFs are applied and NVMe EDEVICEs are allocated with large extents using CPFMTXA (ICKDSF).
Effect
NVMe FBA EDEVICEs can handle large paging workloads more effectively.
An update of the cryptographic services library is planned to allow for enhanced
certificate diagnostic enhancements, improved algorithmic support, and future
enablement of TLS 1.3 for secure connectivity to the z/VM platform.
Status
Available October 4, 2023.
Target availability
Fourth Quarter 2023
Compatibility
No known incompatibilities.
Enablement
Apply PTF and re-IPL z/VM TLS Server(s) or z/VM LDAP Server(s) to activate the code.
This enhancement updates the Thin Stack FCP SCSI device driver and associated IO
routines to exploit adapter interruptions. It also provides improved error handling
to the SCSIDISC command. Use of adapter interruptions is required for Thin Stack to be
compatible with future models of the z processor.
Status
Available August 22, 2023
Target availability
August 2023
Compatibility
No known incompatibilities.
Enablement
Required the use of an updated SALIPL (CMS command), SCSIDISC (CMS command), and CPLOAD. All three component may be used independently, however the full benefit of this line item is not achieved until all three items are installed and the IPL record for FCP SCSI based z/VM system has been re-written using the updated SALIPL. The new SALIPL will install an updated SAPL system loader program.
Effect
This enhancement impacts: IPL from FCP SCSI devices, dump to FCP SCSI devices using abend and SNAPDUMP processing, the SALIP and SCSIDISC commands.
The z/VM Timing Enhancements line item will improve the current support
of the Server Time Protocol (STP) by including leap seconds in several
key interfaces where z/VM reports on civil time. When leap seconds are
properly configured to the Central Processor Complex (CPC), this will
mean that time generated by z/VM and time generated by other operating
systems that support STP and are part of the same timing network, will
be consistent.
Status
Currently in development; soliciting sponsor user feedback.
This support provides general peer certificate cross-checking against an
external source, via OCSP (Online Certificate Status Protocol) and via
the CRL (Certificate Revocation List) Distribution Points (CDP)
mechanisms embedded as part of the z/VM System SSL Cryptographic
library, when the peer certificate is built with the extension(s) for
CDP and OCSP. Online Certificate Protocol was codified in
RFC 6960 and CDP was documented
as part of RFC 5280. Support for these has been part of z/OS System SSL
for some time; this deliverable allows enablement and configuration of
that support on z/VM 7.2.
Status
Available January 6, 2021
Target availability
December 2020
Compatibility
No known incompatibilities.
Enablement
This function is enabled and configured through new DTCPARMS configuration parameters for the SSL/TLS Server. Changes made to the SSL configuration parameters will require a restart of the SSL servers. A small enhancement is also made to the TCPIP stack so a restart of TCP/IP will be required after the PTF is applied.
Effect
Security is enhanced by verifying that a client certificate has not been revoked. When this support is enabled, the handshake time will increase when a peer certificate is presented with CDP and/or OCSP extensions, since a connection needs to be made to an external server.
Two-Speed Monitoring provides a mechanism for collecting z/VM Monitor data at two different sampling rates.
The underlying requirement is to be able to allow some guests to collect detailed data for a relatively brief
period so it can be preserved if a situation arises that requires it for analysis, while allowing other guests
to collect data less frequently and over longer time periods for customary purposes such as real-time
monitoring or feeding the z/VM Performance Data Pump. This avoids disrupting existing client processes that
rely on Monitor data collection.
Status
In development; soliciting sponsor user input.
Target availability
TBD
Compatibility
No known incompatibilities.
Enablement
Apply PTFs and re-IPL z/VM to activate the code. Change an existing MONWRITE guest or create a new one to use the new support.
Effect
No effect on current use of MONITOR command; current keywords will remain unchanged. Some changes to QUERY MONITOR responses.
ISV impact
No known impact but opportunity for exploitation by products that consume Monitor data.
Eliminate VM Pass-Through dependencies on the 370 Accommodation facility and remove support for deprecated devices, enabling PVM to run on either CMS or z/CMS.
Additional information is provided through the *VMEVENT CP system service:
Events are presented for virtual-machine disconnection from and reconnection to a terminal session.
Identification of the connected terminal session (e.g., device type, address, host virtual machine, and IP address, as appropriate) is included on the existing logon event and the new reconnect event.
Full-precision timeout values are added to the logoff-timeout-started and logoff-timeout-service events, to represent times above 65535 seconds accurately.
Redundant runnable-state-entered events are eliminated in cases where the virtual machine was already in runnable state.
Status
Available June 13, 2023
Target availability
June 2023
Compatibility
This support is upward compatible. Where existing event record formats are modified, the new information
is appended at the end. Existing fields retain their prior content, with one exception: previously, a
logoff-timeout value above 65535 seconds was incorrectly truncated to 16 bits; the maximum representable
value, 65535, will be presented in this field instead.
Existing programs that consume *VMEVENT data must be able to tolerate (e.g., ignore) new record types as
well as content appended to existing record types.
VSwitch Bridge Port Enhancements adds a new NICDISTRIBUTION option to
the VSwitch HiperSockets Bridge. When activated, this new option enables
the Bridge to distinguish and manage separately the traffic generated by
various HiperSocket connections on the same HiperSocket CHPID used by
the Bridge. Traffic entering and exiting the Bridge Port via an OSA link
aggregation group will be more evenly distributed among the assigned
OSAs in the group. Activation of the new option also enables the VSwitch
to extract IPv4 and IPv6 address assignments for display in QUERY
VSWITCH.
Status
Available December 10, 2021
Target availability
December 2021
Compatibility
No known incompatibilities.
Enablement
Apply PTFs and re-IPL z/VM to activate the code. The NICDISTRIBUTION
feature can be set on a VSwitch basis. The default behavior is how it
currently works. It can be changed dynamically with the SET
VSWITCH BRIDGEPORT NICDISTRIBUTION command.
Effect
With a NICDISTRIBUTION ON configuration, there is additional processing
to interrogate each Ethernet frame and inspect the source MAC Address.
Performance measurements indicate no noticeable impact by this change.
It is, of course, work load dependent. With NICDISTRIBUTION OFF, the
extra frame inspection is not performed.
Warning Track Interruption Facility will be exploited at z/VM host level to receive
warnings that PR/SM will undispatch a logical CPU from its backing physical CPU. With
these warnings, CP can undispatch work running on said logical CPU to make it
redispatchable elsewhere.
Status
Available November 8, 2023.
Target availability
December 2023
Compatibility
No known incompatibilities.
Enablement
Apply PTF and re-IPL z/VM to activate the code. The function will be enabled by default. The support will include a new SRM configuration statement option as well as a new SET SRM dynamic command option to enable/disable Warning Track exploitation in z/VM.
Effect
Warning Track intends to reduce suspend time and other poor performance symptoms observed when low entitlement LPARs consume more than their entitlement.
ISV impact
Some monitor changes will be included in the support. If you have a performance product, please see your vendor.
Linux or hardware interaction
Requires z14 or higher. No known Linux interaction at this time.
z/XC Architecture support will add a new virtual machine architecture
mode that enables CMS applications running in z/Architecture to take
advantage of multiple address spaces. A z/XC guest will be able to
exploit VM Data Spaces with z/Architecture in the same way that an
ESA/XC guest can exploit them with Enterprise Systems Architecture. This
support will allow z/Architecture CMS (z/CMS) to use VM Data Spaces for
functions such as accessing Shared File System (SFS) Directory Control
(DIRCONTROL) directories. It will also allow use of programs employing
z/Architecture instructions and registers (within the limits of z/CMS
support) and exploiting data spaces in the same CMS session.
Status
Available March 31, 2021
Target availability
March 2021
Compatibility
No known incompatibilities. Statement of support for z/VM 7.1 may be limited.
Enablement
Apply the PTF and re-IPL CP. Then, in a virtual machine, SET MACHINE XC and IPL ZCMS.
All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice,
and represent goals and objectives only. Target dates shared here are not formal commitments, but meant to assist
in your planning purposes. Because of the likelihood of changes, we highly recommend subscribing
to the notifications for this page.
Request to become more involved
If you have interest in a project above and would like more information, feel free to contact Kerry Wilson - kerryw@us.ibm.com.
Please understand that we may need to limit participation and there are other requirements that may vary from project to project.