Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/2/2020 was filed after the mailing date of the Office Action on 8/7/2020.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Response to Arguments
Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1 and 4 is/are rejected under 35 U.S.C. 103 as being unpatentable over Speier in view of Landis, and further in view of Klein.
	Alternatively, Claims 1 and 4 is/are rejected under 35 U.S.C. 103 as being unpatentable over Speier in view of Landis, and further in view of Wilson US 2013/0111195.

	The combination teaches previous claim 1:
Speier teaches:
A non-transitory computer accessible storage medium storing a plurality of instructions that are computer-executable to:
	Processor, MMU, and memory cooperate to manage memory devices [Fig. 1]

	“aspects…may be embodied in hardware and in instructions that are stored in hardware…” [0033]
establish a plurality of memory pools, wherein each memory pool of the plurality of memory pools describes one or more memory address ranges and identifies at least one attribute and at least one permission for the one or more memory address ranges;
	 Speier discloses a method of managing memory regions in a computing system. A memory region corresponds to a memory pool, as a memory region is defined by one or more address ranges (“start address” and “end address” [0024]), one or more attributes (“normal” or “device” memory, “architectural memory types…memory persistence, memory attachment…and/or memory latency” [0003]) and one or more permissions (“memory attributes of memory devices that make up a given memory region may determine operations can or cannot be performed on the memory region…contents of normal memory can be cached, can be speculatively read, and/or can be read and buffered…while the contents of device memory cannot” [0004]; “hardware may then determine what operations can be performed using that memory region by reading the memory attributes from the one or more page tables” [0004]; therefore, Speier discloses a permission, or rules regarding how memory may be accessed).

	Where Speier is silent, Landis teaches for an analogous system using partitions defined by address ranges,
Host system is divided into distinct logical or virtual partitions [Abstract][Figs. 1-4]
Each partition having address boundaries and attributes [Fig. 8]
“Partition relative physical addresses” and “physical hardware addresses” [0012]
software within a virtual partition operates normally by using what appears to the guest OS to be physical addresses” [0078]
“virtual partition monitors 36 provide enforcement of isolation from other virtual partitions” [0089]
“primary task of a monitor 36 is to constrain its virtual partition within its assigned physical addresses” [0277]
“partition descriptors…are used to mark ownership of reserved memory” [0279]

Landis teaches:
obtain a plurality of channels to communicate with the plurality of memory pools, wherein each of the plurality of channels provides communication with a respective memory pool of the plurality of memory pools; and
Landis discloses an ultravisor to provide channels for a plurality of partitions to enable communication with the partition. (“Virtual channels provide a mechanism for general I/O and special purpose client/server data communication between user partitions 24, 26, and 28 and the I/O partitions 16, 18” [0161]). Partitions are analogous to memory regions, as both represent a set of memory addresses.

provide a plurality of channel identifiers corresponding to the plurality of channels to a kernel memory manager that executes in privileged mode in a system.
	“The memory for a channel is allocated and ‘owned’ by the client virtual partition 24, 26, 28” [0161].
low level resource manager serves a command channel to accept transactional requests for assignment of resources to partitions…Operating systems in other logical or virtual partitions communicate with the I/O partition via memory channels established by the ultravisor partition” [0009]
	“I/O server partitions map physical host hardware to I/O channel server endpoints, where the I/O channel servers are responsible for sharing the I/O hardware resources” [0012]
	“All I/O is performed by I/O hardware mapped to I/O partitions 16, 18 that use memory channels to communicate with their client partitions. The primary responsibility of a monitor 36 is instead to protect processor provided resources (e.g., processor privileged functions and memory management units.) The monitor 36 also protects access to I/O hardware primarily through protection of memory mapped I/O. The monitor 36 further provides channel endpoint capabilities which are the basis for I/O capabilities between guest partitions.” [0070]
	Channels, being portions of memory, are identifiable by the addresses they are mapped to (“partition 14 maps the channel portion of client memory into the virtual memory space of the attached server virtual partition…ultravisor application tracks channels with active servers to protect memory” [0161]). During creation of the channel, the channel is identified and provided to the partitions requiring access (“selects the memory to be used for the channel and sends a transaction to the ultravisor partition 14 via command channel 38 to assign memory to the client partition and to create the channel definition. The monitor 36 for the client partition adds the memory pages to the client partition memory management (page) tables and sends a transaction to the ultravisor application to assign the channel server. The monitor 36 for the server partition similarly adds the memory pages to the server partition memory management (page) tables and sends a transaction to ultravisor application to notify the server partition control channel that a new channel is available.” [0196]).
Accordingly, Landis discloses providing identitiers of memory channels to a privileged memory manager, e.g. a monitor. A monitor, such as a virtual machine monitor, is an entity that runs in a a system call interface” [Abstract], as system calls are privileged.

It would have been obvious to the skilled artisan before the effective filing date to incorporate memory channels as disclosed by Landis between the memory regions of Speier in order to provide a fast and safe mechanism for data transfers between them [Landis, 0160].


	Amended claim 1, by contrast, further recites wherein the at least one permission is separate and distinct from the at least one attribute and explicitly defines one or more operations that are permitted to memory addressed by the one or more memory address ranges.
Amended claim 1 requires that at least one permission that explicitly defines one or more permitted operations for the one or more memory address ranges, and that the one or more permissions are distinct from the one or more attributes.
	The combination is silent to explicitly defining one or more such permissions, e.g. RWX permissions 76 as disclosed in the specification [DRW, Fig. 3].

	As above, Speier discloses explicitly defining one or more attributes for one or more memory regions [0004], and storing the attribute as part of internal data structures 120, “such as the TLB 114, the one or more page tables 116, the one or more registers 112, and/or the memory lookup table 118” [0022]. The attribute may indicate that certain operations are not permissible.
As presented by Speier [0003-0005], an attribute refers to certain characteristics of the memory which may affect how it may be accessed, performs, or is coupled. An indication of the attribute indication 204, 212 may be obtained and saved in the host, e.g. as part of a page table [0022, 0024].

In addition, it is noted that the permissions implied by attributes in Speier refer to restrictions placed based on the capabilities of the memory, as distinguished from permissions for protecting data based on other factors, such as the content, the user, or the application.
Hence, Speier is silent to the one or more permissions as claimed, which must be separate and distinct from the attribute.
Landis does not appear to cure these deficiencies.

	Where the combination is silent to identifying permissions which specifically refer to one or more specific operations, where the permissions are separate and distinct from the one or more attributes:
	Klein US 2017/0139840 teaches at least one or more permissions for the one or more memory address ranges, wherein the at least one permission is separate and distinct from the at least one attribute and explicitly defines one or more operations that are permitted to memory addressed by the one or more memory address ranges.
Klein discloses a storage system and method comprising a modified page table, where entries of the page table also include RWX (read/write/execute) permissions [0039]. Portions of storage are represented as data objects, from which one or more partitions may be carved to store objects [0081]. Each partition may be represented in a page table by a page table entry [0082], each entry comprising a number of bits [0084] which may include fields indicating the permissions permitted [0087][0103], including the RWX permissions [0039]. A page constitutes a memory address range with which permissions are associated with. In response to a request for a partition having particular attributes and 
Accordingly, it was known to provide explicit read-write-execute permission bits in entries of a page mapping table for the purpose of controlling accesses to individual pages and/or data objects. Explicitly providing RWX permissions at a fine level of granularity allows for more specific control over accesses to data.
Further, the disclosed RWX bits require only 3 bits per page table entry, and allows the permission for a particular operation (read, write, or execute) to be determined by reading only a single bit. The skilled artisan would have reasoned that reading a small amount of information is faster than reading a larger amount of information. Further, as the permission information is directly stored in usable form, no processing is necessary to ascertain permissions that could only be implied by other data, e.g. the attributes of Speier. 
Hence, it would have been obvious to the skilled artisan before the effective filing date of the claimed invention to incorporate RWX permission bits at a finer level of granularity such as the page level as disclosed by Klein to the system of the combination for the purpose of providing improved control over accesses and high speed access to access control structures.
	Further, the prior art appears to teach each and every element recited in the claim (at least, use of attribute indicators, permissions indicators, virtual channels and channel identifiers), and the elements could have been combined by known methods (adding explicit permission bits as disclosed by Klein to the page table of Speier, and adding virtual channels for sharing and transferring data as disclosed by Landis) in order to yield predictable results (perform access control at the page level and to safely transfer data between partitions).



“FIG. 3 illustrates address mapping circuitry 32 in accordance with one embodiment of the present invention. Address mapping circuitry 32 includes a plurality of entries, such as entry 100. Each entry includes a virtual page address, a corresponding physical page address, and corresponding page attributes. The size of the page may be fixed, or may be specified by a further field in the entry. An entry therefore specifies a page with a starting virtual address and a size. The page attributes may include a read (R) attribute, a write (W) attribute, an execute (X) attribute, an endianness (EN) attribute, a cacheable (C) attribute, and a stack attribute. Some examples of other address attributes which may be included in the page attributes are attributes related to security, memory coherence, cache inhibition, write-through operation, etc. Therefore, as described with respect to FIG. 2 above, a virtual address is provided to address mapping circuitry 32 and an entry is selected whose page contains the received virtual address. The physical page address is provided from the entry to bus 18 (or may be concatenated with the virtual page address and provided to bus 18) and the corresponding page attributes are provided to control circuitry 62. In one embodiment, the provided page attributes are attributes which apply to the page in memory 14 which corresponds to the physical page address of the entry. Therefore, address mapping circuitry 32 may, in one embodiment, include an entry for each page in memory 14. The R attribute may indicate whether or not a read access may be performed to the page, a W attribute may indicate whether or not a write access may be performed to the page, an X attribute may indicate whether or not an instruction from that page can be executed, an EN attribute may indicate the endianness of the information stored in the page, and a C attribute may indicate whether the page is cacheable or not. In one embodiment, the stack attribute is used to indicate whether or not particular link stack instructions have permission to access the corresponding page. For example, a page of memory which has only has this stack attribute asserted can only be written to or read from by the particular link stack instructions, which will be described below. If a page of memory does not have this stack attribute asserted, then it cannot be written to or read from by the particular link stack instructions. Although address mapping circuitry 32 has been described in reference to pages in memory 14, address mapping circuitry 32 may provide page attributes (e.g. access permission indicators) for any segment of memory 14.” [0023]
	It is considered that a permission may be broadly construed as a type of attribute, and the difference in terminology used in Wilson does not prevent “read (R) attribute, a write (W) attribute, an execute (X) attribute” from being construed as permissions, particularly in view of their functions to enable or restrict read, write, or execution respectively.
	Hence, it would have been obvious to the skilled artisan before the effective filing date to incorporate RWX permissions as disclosed by Wilson into the page table of Speier in order to further provide page-level control over how the data in each page may be accessed, thereby enabling the OS to protect data via read/write/execute permission control.

[Claim 4]
4. (Original) The non-transitory computer accessible storage medium as recited in claim 1 wherein the at least one attribute includes an indication that the one or more memory address ranges are device memory.
	The combination teaches claim 1, wherein the at least one attribute includes an indication that the one or more memory address ranges are device memory (“architectural type of normal memory or device memory” [Speier, 0020]).

Claims 2-3 is/are rejected under 35 U.S.C. 103 as being unpatentable over the combination as applied to claim 1 above, in further view of Cordero US 2015/0033002.

2. (Original) The non-transitory computer accessible storage medium as recited in claim 1 wherein the at least one attribute includes an indication that the one or more memory address ranges are random access memory.
	The combination teaches claim 1. While the combination is silent to wherein the at least one attribute includes an indication that the one or more memory address ranges are random access memory, Speier does indicate that attributes may include indications of features of the memory, e.g. “persistence” or “latency” [0003].
	Where the combination is silent, Cordero US 2015/0033002 discloses an analogous system which manages memory, where memory spaces and access requests are associated with attributes. A request for memory may indicate particular attributes required of the memory, and in response to such requests, memory space which matches the requested attributes is provided [0069-0072].
	“request 220 may be for at least one of a deallocation of the memory space and/or the resource, a deallocation and an allocation of the memory space and/or the resource to the memory controller 214, or an allocation to the memory controller 214 of the memory space and/or the resource. The request 220 may be referred to as a memory and/or the resource capture request. The requested memory space may correspond with a buffer, a channel, a DRAM, a DIMM, a portion (sometimes referred to as a "chunk") of a bigger memory space…The memory space may be a continuous memory space, a discontinuous memory space (e.g., a request for two gigabytes may result in two one-gigabyte memory spaces), etc. The requested resource may be practically any resource (or a portion thereof), such as a processor resource (or a portion thereof), an input-output resource (or a portion thereof), etc. The request 220 may be for a memory space and/or a resource to be used temporarily or a memory space and/or a resource to be used permanently. The request 220 may seek a memory space corresponding to a region of memory 212 with a size, non -cacheable, with a pinned address virtual memory management attribute, or any combination thereof.” [0069]
	“may seek a specific memory space…a memory space with a particular attribute (e.g., a type…” [0071]
	“the type of the memory space may be a logical type relating to how data is logically structured, such as a request for a memory space that is compressed, a request for a memory space that is uncompressed, a request for a memory space that is used by a particular entity, a request for a memory space with a particular locality of reference, a request for a memory space with a particular process (or application), a request for a memory space of a particular operating system, and a request for a memory space of a particular hypervisor, etc. The type of the memory space may be a physical type relating to topography, such as a request for a memory space that is on a particular node, a request for a memory space on a particular drawer (e.g., as in symmetric multiprocessing ("SMP") or distributed system for optimal performance), etc. The physical type may also relate to technology, such as a request for a memory space that is non-volatile, a request for a memory space that is flash based, a request for a memory space that is I/O memory, a request for a memory space that is phase change memory ("PCM"), etc. The memory 212 may include a variety of types of memory (e.g., PCM may be mixed in with DRAM), and requests may be generated for the variety of types of memory. The request 220 may seek a memory space with other characteristics not listed herein.”
	Hence, Cordero discloses a request which specifies attributes of the memory desired, where the attribute is a RAM (“requested memory space may correspond with…a DRAM” [0069]).
	It would have been obvious to the skilled artisan before the effective filing date to incorporate Cordero’s techniques for specifying attributes of memory requested to the attributes of the memory spaces and memory requests of the combination in order to support more specific requests for memory 

[Claim 3]
3. (Original) The non-transitory computer accessible storage medium as recited in claim 2 wherein the at least one attribute includes a cacheability associated with the one or more memory address ranges.
	The combination teaches claim 2, wherein the at least one attribute includes a cacheability associated with the one or more memory address ranges (“request 220 may seek a memory space corresponding to a region of memory 212 with a size, non-cacheable…” [Cordero, 0069]).

Claim 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over the combination as applied to claim 1 above, in further view of Bielich US 9,356,602.
[Claim 5]
5. (Original) The non-transitory computer accessible storage medium as recited in claim 4 wherein the at least one attribute includes an ordering property associated with one or more devices addressed by the one or more memory address ranges.
	The combination teaches claim 4, wherein the at least one attribute includes an ordering property associated with one or more devices addressed by the one or more memory address ranges (“contents of normal memory can be cached, can be speculatively read, and/or can be read and buffered with the expectation that the same data can be subsequently read again, while the contents of device memory cannot” [Speier, 0004]).
It appears well-known that device memory may have additional restrictions with regard to how it is accessed (“’device memory’ does not guarantee that a data value read from memory is the most recently written data value” [0003]; “with the expectation that the same data can be subsequently read again, while the contents of device memory cannot” [0004]). Hence, Speier broadly discloses that the attributes may include information with which “computer hardware may then determine what operations can be performed using that memory region by reading the memory attributes” [0004].
	In a broad sense, Speier discloses including similar access rules as part of the memory space attributes. However, Speier is silent to specifically including an ordering property associated with devices of the memory space for the memory space.

	Where the combination is silent, Bielich US 9,356,602 discloses a memory map in which attributes of a memory space are provided, where the attributes include: “whether or not the associated addresses are cacheable…bufferabillity, secure/non-secure memory, sharability, strongly-ordered/normal memory…” [C6, L41-46]
	Accordingly, the art recognized ordering rules as an attribute to be connected with an address space.
	Hence, it would have been obvious to the skilled artisan before the effective filing date to incorporate other known attributes, e.g. ordering, as disclosed by Bielich to the set of attributes of the combination in order to more thoroughly communicate the access restrictions related to one or more addresses of a memory space and hence support proper use of the memory.

Claim 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over the combination as applied to claim 1 above, in further view of Jiang US 2019/0361616.
[Claim 6]
6. (Original) The non-transitory computer accessible storage medium as recited in claim 1 wherein the permissions include at least a read permission, a write permission, and an execute permission.

	Where the combination is silent, Jiang US 2019/0361616 discloses wherein the permissions include at least a read permission, a write permission, and an execute permission (“permission list unit configured to partition memory space into several memory protection areas and independently set an access permission attribute (e.g., readable, writable, or erasable) for each memory area; and an unauthorized operation processing unit configured to process a subsequent operation performed when a permission violating access occurs” [0004]).
	Accordingly, the art recognized the use of at least read and write permissions with respect to a memory area.
	It would have been obvious to the skilled artisan before the effective filing date to incorporate other known memory space attributes such as read and write permissions as disclosed by Jiang to the attributes of the combination in order to protect memory areas from unauthorized accesses.

Claims 7-11, and 15-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over the combination as applied to claim 2 above, in further view of Kani US 2015/0127916.
[Claim 7]
7. (Original) A non-transitory computer accessible storage medium storing a plurality of instructions that are computer-executable as a first memory manager to:
receive a first request for memory from a first thread, the first request including an indication of one or more requested attributes and one or more requested permissions to the memory for the first thread;
select a first memory pool of a plurality of memory pools having one or more attributes and one or more permissions that allow for the one or more requested attributes and the one or more requested permissions, wherein each memory pool of the plurality of memory pools describes one or more memory address ranges, and wherein the first memory manager communicates with the plurality of memory pools via a plurality of channels;
create a first memory object from the first memory pool;
obtain a first channel from a channel service;
associate a first channel identifier of the first channel with the first memory object; and
return the first channel identifier to the first thread.
	Claim 7 is rejected on similar grounds as claim 2. Claim 7 corresponds to claim 1, with added steps for request processing.
In contrast to claim 1, claim 7 further recites:

receive a first request for memory from a first thread, the first request including an indication of one or more requested attributes and one or more requested permissions to the memory for the first thread;
As discussed in addressing claim 2, Cordero discloses a system which manages memory, where memory spaces and access requests are associated with attributes. A request for memory may indicate particular attributes required of the memory, and in response to such requests, memory space which matches the requested attributes is provided [0069-0072].
	“request 220 may be for at least one of a deallocation of the memory space and/or the resource, a deallocation and an allocation of the memory space and/or the resource to the memory controller 214, or an allocation to the memory controller 214 of the memory space and/or the resource. The request 220 may be referred to as a memory and/or the resource capture request. The requested memory space may correspond with a buffer, a channel, a DRAM, a DIMM, a portion (sometimes referred to as a "chunk") of a bigger memory space…The memory space may be a continuous memory space, a discontinuous memory space (e.g., a request for two gigabytes may result in two one-gigabyte memory spaces), etc. The requested resource may be practically any resource (or a portion thereof), such as a processor resource (or a portion thereof), an input-output resource (or a portion thereof), etc. The request 220 may be for a memory space and/or a resource to be used temporarily or a memory space and/or a resource to be used permanently. The request 220 may seek a memory space corresponding to a region of memory 212 with a size, non -cacheable, with a pinned address virtual memory management attribute, or any combination thereof.” [0069]
	“may seek a specific memory space…a memory space with a particular attribute (e.g., a type…” [0071]
	“the type of the memory space may be a logical type relating to how data is logically structured, such as a request for a memory space that is compressed, a request for a memory space that is uncompressed, a request for a memory space that is used by a particular entity, a request for a memory space with a particular locality of reference, a request for a memory space with a particular process (or application), a request for a memory space of a particular operating system, and a request for a memory space of a particular hypervisor, etc. The type of the memory space may be a physical type relating to topography, such as a request for a memory space that is on a particular node, a request for a memory space on a particular drawer (e.g., as in symmetric multiprocessing ("SMP") or distributed system for optimal performance), etc. The physical type may also relate to technology, such as a request for a memory space that is non-volatile, a request for a memory space that is flash based, a request for a memory space that is I/O memory, a request for a memory space that is phase change memory ("PCM"), etc. The memory 212 may include a variety of types of memory (e.g., PCM may be mixed in with DRAM), and requests may be generated for the variety of types of memory. The request 220 may seek a memory space with other characteristics not listed herein.”
Send The Request to the OS, The Process, Or Any Combination Thereof” [Fig. 3]). A process as used therein corresponds to a thread, e.g. a thread of execution, in the sense that processes, tasks, and threads are terms used to refer to a program or application that consumes resources and would require memory space(s) or resources.
	Hence, Cordero discloses a request which specifies attributes of the memory desired and is serviced using an available memory space having the required attributes [0069-0072]).

select a first memory pool… that allow for the one or more requested attributes and the one or more requested permissions
As discussed in claim 1, one or more memory pools having attributes and permissions are available. Cordero discloses, in servicing the request, selecting a pool which matches the attributes requested (“request 220 may seek a specific memory space and/or a specific resource with particular attributes” [0071], see also [0069-0072]). Checked attributes in the combination may further include permissions (“may determine operations can or cannot be performed on the memory region…contents of normal memory can be cached, can be speculatively read, and/or can be read and buffered…while the contents of device memory cannot” [Speier, 0004]).

obtain a first channel from a channel service;
Landis discloses creating and managing channels between a plurality of partitions, under cooperation of a client, server, and a monitor, as discussed in addressing claim 1. (“monitor 36…protect processor provided resources…protects access…through protection of memory mapped I/O…provides channel endpoint capabilities” [0070])
associate a first channel identifier of the first channel with the {first memory object}; and
return the first channel identifier to the first thread.

	Channels, being portions of memory, are identifiable by the addresses they are mapped to (“partition 14 maps the channel portion of client memory into the virtual memory space of the attached server virtual partition…ultravisor application tracks channels with active servers to protect memory” [0161]). During creation of the channel, the channel is identified and provided to the partitions requiring access (“selects the memory to be used for the channel and sends a transaction to the ultravisor partition 14 via command channel 38 to assign memory to the client partition and to create the channel definition. The monitor 36 for the client partition adds the memory pages to the client partition memory management (page) tables and sends a transaction to the ultravisor application to assign the channel server. The monitor 36 for the server partition similarly adds the memory pages to the server partition memory management (page) tables and sends a transaction to ultravisor application to notify the server partition control channel that a new channel is available.” [0196]).
Accordingly, Landis discloses providing identitiers of memory channels to a privileged memory manager, e.g. a monitor. A monitor, such as a virtual machine monitor, is an entity that runs in a privileged mode, as indicated by the capability to assign memory pages to the client [0196] and its use as “a system call interface” [Abstract], as system calls are privileged. The server partition and the client partition each has access to a channel endpoint in order to transmit data. See [Fig. 3], depicting server and client endpoints within different partitions for the purpose of transmitting data. A partition, e.g. partition X, is a user partition upon which a thread executes and thus generates the memory access request which requires the I/O function provided by the I/O partition. After defining the channel, the channel must be identified in some way, e.g. via an address, in order for both partitions to know where data is to be written to (at the server endpoint) and read from (at the client endpoint).


Where the combination is silent, Kani US 2015/0127916 discloses:
create a first memory object from the first memory pool;
Creating a memory class object from a memory pool (“partitioned memory device may be represented…as a single object that is referred to herein as a memory class object” [0014]).
Accordingly, creating memory objects as an intermediary between a memory partition and a process, e.g. a virtual machine [0009], and using the memory object to perform memory allocations in place of the partition itself were known. Using a memory object was known to confer particular advantages (“Dynamic memory allocation as described herein may enable division of a memory of any size into arbitrarily small memory slices. Access to and reading of a memory slice table of a single memory class object may enable relatively rapid and efficient access to memory slices (e.g. as opposed to accessing a similar number of separate objects). Thus, an arbitrary number of memory slices may be efficiently managed, enabling dynamic addition or deletion (hot plugging or unplugging) of small memory slices. The ability to reduce the size of the memory slices into which a memory device is partitioned may increase flexibility and efficiency of a system. With small memory slices, the amount of memory that is allocated or reallocated may be more closely matched to the needs of the each virtual machine.” [0016]).
	It would have been obvious to the skilled artisan before the effective filing date to incorporate Kani’s technique of generating memory class objects to handle memory allocations to the system of the combination in order to flexibility and efficiently manage memory [Kani, 0016].

associate a first channel identifier of the first channel with the first memory object;
	As the memory object is simply an alternate representation of the memory pool, it would have been obvious to the skilled artisan before the effective filing date to substitute the memory object for the memory pool when defining the channel endpoint, and the results would have been predictable (linking the memory object representing the memory pool to memory in the user partition).

[Claim 8]
8. (Original) The non-transitory computer accessible storage medium as recited in claim 7 wherein the first memory manager is executable to:
establish a plurality of memory pool slices derived from a first memory pool of the plurality of memory pools, where each of the plurality of memory pool slices describes a subset of the one or more memory address ranges and includes at least one second attribute allowed by the at least one attribute of the first memory pool and one or more second permissions allowed by the one or more permissions of the first memory pool;
obtain a second plurality of channels to communicate with the plurality of memory pool slices.
	The combination teaches claim 7, wherein the first memory manager is executable to:
establish a plurality of memory pool slices derived from a first memory pool of the plurality of memory pools, where each of the plurality of memory pool slices describes a subset of the one or more memory address ranges and includes at least one second attribute allowed by the at least one attribute of the first memory pool and one or more second permissions allowed by the one or more permissions of the first memory pool;
“memory class object includes information regarding available memory slices…characterized by a single hardware identifier (HID) that identifies the corresponding hardware device as a memory device capable of partitioning into memory slices…memory class object may include a memory slice table…that defines each available memory slice (e.g., by an address and size)…characterized by a value…that corresponds to a property of that memory slice…the value may indicate whether that memory slice is enabled, and thus accessible to the virtual machine for data storage, or disabled and thus inaccessible by the virtual machine” [Kani, 0014]
Accordingly, there is support for slicing a memory class object, where each slice may have unique attributes [Kani, 0039].
obtain a second plurality of channels to communicate with the plurality of memory pool slices.
	The step of obtaining additional channels to enable data transfers with each slice of the memory pool amounts to applying the known technique of creating channels between partitions disclosed by Landis, as discussed in addressing claim 1. A memory pool slice is a subset of a memory class object, and hence a subset of a memory partition. A subset of a partition is a partition. Therefore, it is considered that a channel endpoint may be defined in the slice for purpose of I/O.
	Hence, it would have been obvious to the skilled artisan before the effective filing date to apply Landis’s technique for creating channels for performing data transfers between a user partition and a memory partition to enabling communication with memory pool slices, and the results would have been predictable (providing data transfer capability and thus supporting I/O between the memory slice and a user partition).
See also MPEP 2144.04.VI.B regarding the duplication of parts or steps.

[Claim 9]
9. (Original) The non-transitory computer accessible storage medium as recited in claim 8 wherein the first memory manager is executable to:
receive a second request for memory from a second thread, the second request including an indication of one or more second requested attributes and one or more second requested permissions to the memory for the second thread;
select a first memory pool slice of the plurality of memory pool slices having one or more second attributes and one or more second permissions that allow for the one or more second requested attributes and the one or more second requested permissions;
create a second memory object from the first memory pool slice;
obtain a second channel from a channel service;
associate a second channel identifier of the second channel with the second memory object; and
return the second channel identifier to the second thread.
	Claim 9 is rejected on similar grounds as claim 8, as claim 9 simply reapplies the disclosed process for processing a memory request to another memory request from a thread. See MPEP 2144.04.VI.B regarding the duplication of parts or steps.

[Claim 10]
10. (Original) The non-transitory computer accessible storage medium as recited in claim 7 wherein a first attribute of the one or more attributes of the first memory pool allows for a second attribute of the one or more requested attributes if the second attribute is more restrictive than the first attribute.
	The combination teaches claim 7, wherein a first attribute of the one or more attributes of the first memory pool allows for a second attribute of the one or more requested attributes if the second attribute is more restrictive than the first attribute. This merely follows from logical reasoning – e.g. if a request specifies a particular attribute, e.g. a maximum “latency” [Speier, 0003], any memory exhibiting 
	Alternatively, Speier also indicates that the more restrictive classification of normal memory requires that the memory also be cacheable, speculatively readable, and/or both readable and bufferable [0004]. Accordingly, individual first attributes (cacheable, speculatively readable, and/or readable and bufferable) are individually less restrictive than the second attribute (normal memory).

[Claim 11]
11. (Original) The non-transitory computer accessible storage medium as recited in claim 7 wherein a first attribute of the one or more attributes of the first memory pool allows for a second attribute of the one or more requested attributes if the second attribute is the same as the first attribute.
The combination teaches claim 7. Speier also indicates that the more restrictive classification of normal memory requires that the memory also be cacheable, speculatively readable, and/or both readable and bufferable [0004]. Accordingly, a having the set of first attributes (cacheable, speculatively readable, and/or readable and bufferable) is equally restrictive as the second attribute (normal memory).

[Claim 15]
15. (Original) The non-transitory computer accessible storage medium as recited in claim 7 wherein the first thread is executable to:
receive a second request for memory from a second thread, the second request including an indication of one or more second requested attributes and one or more second requested permissions to the memory for the second thread, wherein the one or more requested attributes for the first memory object allow for the one or more second requested attributes and the one or more requested permissions allow for the one or more second requested permissions;
create a first memory object slice from the first memory object, wherein the first memory object slice describes a first memory address range that is a subset of a second memory address range of the first memory object;
obtain a second channel from the channel service;
associate a second channel identifier of the second channel with the first memory object slice; and
return the second channel identifier to the second thread.
	Claim 15 is rejected on similar grounds as claim 7, as it is a reapplication of the disclosed techniques for processing a request from a first thread for memory from a memory pool to processing a similar second request for memory for a second thread. See MPEP 2144.04.VI.B regarding the duplication of parts or steps.
	It would have been obvious to the skilled artisan before the effective filing date to apply the techniques of the combination for processing a first request to processing a second request, and the results would have been predictable (allocation of memory and channel for another thread).

[Claim 16]
16. (Original) A system comprising:
one or more processors; and
a non-transitory computer accessible storage medium coupled to the one or more processors and storing a plurality of instructions that are executable on the one or more processors as a first memory manager to:
receive a first request for memory from a first thread, the first request including an indication of one or more requested attributes and one or more requested permissions to the memory for the first thread;
select a first memory pool of a plurality of memory pools having one or more attributes and one or more permissions that allow for the one or more requested attributes and the one or more requested permissions, wherein each memory pool of the plurality of memory pools describes one or more memory address ranges, and wherein the first memory manager communicates with the plurality of memory pools via a plurality of channels;
create a first memory object from the first memory pool;
obtain a first channel from a channel service;
associate a first channel identifier of the first channel with the first memory object; and
return the first channel identifier to the first thread.
	Claim 16 is rejected on similar grounds as claim 7, as it is the apparatus for performing the method embodied by claim 7. Claim 16 further recites processor and memory for memory management [Speier, Fig. 1; CLM 1; 0007-0008; 0033]).

[Claim 17]
17. (Original) The system as recited in claim 16 wherein the non-transitory computer accessible storage medium stores a second plurality of instructions which are executable on the one or more processors to:
establish the plurality of memory pools;
obtain a plurality of channels to communicate with the plurality of memory pools, wherein each of the plurality of channels provides communication with a respective memory pool of the plurality of memory pools; and
provide a plurality of channel identifiers corresponding to the plurality of channels to the first memory manager.
Claim 17 is rejected on similar grounds as claim 7 in view of the combination as discussed in claim 1, as it is the apparatus for performing the method embodied by claim 7, further configured with the instructions of claim 1.

[Claim 18]
18. (Original) The system as recited in claim 16 wherein the first memory manager is executable to: 
establish a plurality of memory pool slices derived from a first memory pool of the plurality of memory pools, where each of the plurality of memory pool slices describes a subset of the one or more memory address ranges and includes at least one second attribute allowed by the at least one attribute of the first memory pool and one or more second permissions allowed by the one or more permissions of the first memory pool; and
obtain a second plurality of channels to communicate with the plurality of memory pool slices.
	Claim 18 is rejected on similar grounds as claim 8, as it is the apparatus for performing the method embodied by claim 8.

[Claim 19]
19. (Original) The system as recited in claim 18 wherein the first memory manager is executable to: 
receive a second request for memory from a second thread, the second request including an indication of one or more second requested attributes and one or more second requested permissions to the memory for the second thread;
select a first memory pool slice of the plurality of memory pool slices having one or more second attributes and one or more second permissions that allow for the one or more second requested attributes and the one or more second requested permissions;
create a second memory object from the first memory pool slice;
obtain a second channel from a channel service;
associate a second channel identifier of the second channel with the second memory object; and
return the second channel identifier to the second thread.
	Claim 19 is rejected on similar grounds as claim 9, as it is the apparatus for performing the method embodied by claim 9.

Claims 12-14 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over the combination as applied to claim 7 above, in further view of Klein US 2017/0139840.
[Claim 12]
12. (Original) The non-transitory computer accessible storage medium as recited in claim 7 wherein a first permission of the first memory pool allows for a second permission if the second permission is more restrictive than the first permission. 
	The combination teaches claim 7. Where the combination is silent, Klein discloses, for a storage partition, a set of permissions [0039].
“the added entry indicates at least one of (referred to as entry attributes): the added entry is a valid or invalid entry; the one of the hardware and firmware components; a read only partition; storage characteristics for storing the partition, the storage characteristics include at least one of storage technology for storing the partition of the first data object, copy on write option, read/write/execute permissions, locking in the memory unit of the partition of the first data object.” [0039]

	It would have been obvious to the skilled artisan before the effective filing date to incorporate additional permissions as disclosed by Klein in the permissions disclosed by the combination in order to support more specific controls over accesses to the memory partitions.

[Claim 13]
13. (Currently Amended) The non-transitory computer accessible storage medium as recited in claim 12 wherein the first permission is more restrictive than the second permission if at least one permission in the second permission is not permitted in the first permission.
	The combination teaches claim 12, and further teaches wherein the first permission is more restrictive than the second permission if at least one permission in the second permission is not permitted in the first permission.
Specifically, Klein discloses read, write, and execute permissions [0039]. If a partition is not readable, it is not executable because the instruction code cannot be read, and therefore it is not possible to execute because the instructions are inaccessible. Therefore, the first permission (not readable) is more restrictive than the second permission (not executable) because the executable permission requires read permission, which is not permitted by the first permission.

[Claim 14]
14. (Original) The non-transitory computer accessible storage medium as recited in claim 7 wherein a first permission of the one or more permissions of the first memory pool allows for a second permission of the one or more requested permissions if the second permission is the same as the first permission.
	The combination teaches claim 7. Where the combination is silent, Klein further teaches wherein a first permission of the one or more permissions of the first memory pool allows for a second permission of the one or more requested permissions if the second permission is the same as the first permission (“page table entry may be defined such that its content may be used to distinguish between the different partitions of the data object” [0025]; “the added entry is…storage characteristics include at least one of…read/write/execute permissions” [0039]).
	Klein further indicates that a request may specify one or more storage characteristics “a request...indicating storage characteristics of the respective data block” [0043], and that the “OS may request…which read/write/execute permissions can be used for the requested partition” [0045]. The request may be rejected if the storage characteristics are not met [0047], or granted if each characteristic is successful satisfied [0046].
	Accordingly, it would have been obvious to the skilled artisan before the effective filing date to compare permissions of a partition and a request as disclosed by Klein, to the determination of whether a partition meets the general requirements used in the combination, in order to support the use of finer access controls.

[Claim 20]
20. (Original) The system as recited in claim 16 wherein a first attribute of the one or more attributes of the first memory pool allows for a second attribute of the one or more requested attributes if the second attribute is more restrictive than the first attribute or the same as the first attribute, and wherein a first permission of the first memory pool allows for a second permission if the second permission is more restrictive than the first permission or the same as the first permission.
.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 


The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

Explicit r/w/x permissions distinct from attributes

	[0087]:	Memory segment may specify a set of rwx bits designating access rights for other parties. Hence, explicitly defining permissions for a memory segment was known. A memory segment is considered a memory pool at least because comprises one or more address ranges and identifies permissions.
	“An owner of a memory segment can also specify the kind of access that another party can have to the segment. It does this when requesting a handle by specifying the access rights that it wants to make available to other Secure Objects (e.g. via a set of rwx bits to give other parties permission to read, write or execute instructions from the shared segment respectively).”
	ACM may be hardware or software implemented [0029][0050].
	ACM intercepts load and store instructions [0049].
	Attempts to access a page must have compatible rwx permissions [0119]. 

Raval US 2018/0232320
	[0081]:	Sets of permissions for RWX indicating whether each operation type is permitted for a VM

Klein US 2017/0139840
[0103]:	request indicates attributes (validity; HW or FW; RWX permissions) of a page table entry to be added for a data object

Gittins US 2018/0129620
	[0012]:	segment is a contiguous region of memory, from which memory may be allocated.
	[0044]: cache tag with field indicating attribute (write through vs writeback).


Witchel [P1]: “Modern architectures and operating systems have moved towards a linear addressing scheme, in which each user process has a separate linear demand-paged virtual address space. Each address space has a single protection domain, shared by all threads that run within the process. A thread can only have a different protection domain if it runs in a different address space. Sharing is only possibly at page granularity, where a single physical memory page can be mapped into two or more virtual address spaces…significant disadvantages when used for protected sharing…expensive context switch…coarse granularity of protection regions and the overhead of inter-process communication limit the ways in which protected sharing can be used by application developers…need for fine-grained protection…is clear from the examples of a web server and a web client…” See also [Fig. 1] regarding permissions defined by protection domains.
	Even pages may be considered a coarse granularity [P2, C2, p2-5].

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HEWY H LI whose telephone number is (571)272-8714.  The examiner can normally be reached on Mon-Fri 10-6.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Charles Rones can be reached on (571)272-4085.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/HEWY H LI/Examiner, Art Unit 2136                                                                                                                                                                                                        

/CHARLES RONES/Supervisory Patent Examiner, Art Unit 2136