DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Remarks
This action is in response to communication received on 12/16/2020.
Claims 1, 10 and 19 have been amended via Examiner’s amendment.
Claims 9, 18 and 24 have been canceled via Examiner’s amendment.
Claims 1, 10, 19 and 25 are independent claims.
Claims 1-8, 10-17, 19-23 and 25 are currently pending.
Claims 1-8, 10-17, 19-23 and 25 are allowed.
IDSs dated 10/14/2020, 11/11/2020, 01/20/2021, 01/25/2021 and 02/02/2021 have been considered.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Eric J. Baron (Reg.# 56,025) on 03/09/2020 to place the application in condition for allowance. 

The application has been amended as follows: 
In the Claims:
	Claims 1, 10 and 19 are currently amended via Examiner’s amendment.
	Claims 9, 18 and 24 have been canceled via Examiner’s amendment.
	
This list of claims will replace all prior versions, and listings, of claims in the application:
 
List of the Claims: 
(Currently Amended) A method comprising:
receiving a query for an amount of storage in memory of a computer system to be donated to a secure interface control of the computer system, wherein the query is received from  a hypervisor;
determining, by the secure interface control, the amount of storage to be donated based on a plurality of secure entities supported by the secure interface control as a plurality of predetermined values;
returning, by the secure interface control, a response to the query indicative of the amount of storage as a response to the query;
receiving a donation of storage to secure for use by the secure interface control based on  the response to the query, wherein the donation of storage is performed by the hypervisor; and
verifying, by the secure interface control, a command sequence and completion status of  a sequence of interactions for the donation of storage.

(Original) The method of claim 1, wherein the predetermined values comprise an amount of base zone-specific host-absolute storage required, an amount of base secure-guest-domain- specific host-absolute storage required, and an amount of base secure-guest-processor-specific host-absolute storage required.

(Original) The method of claim 2, wherein the amount of storage donated includes at least one variable value comprising an amount of variable secure-guest-domain-specific host- virtual storage.

(Original) The method of claim 3, wherein the amount of variable secure-guest-domain- specific host-virtual storage is defined per megabyte of secure-guest-domain reserved space.

 (Original) The method of claim 1, wherein the predetermined values are reported separately as independent areas of memory.

(Original) The method of claim 1, further comprising:
destroying one or more areas of donated storage based on determining that an associated entity has been destroyed.

(Original) The method of claim 1, further comprising:
registering the donation of storage in a zone-security table with an associated secure domain for use by the secure interface control.

(Original) The method of claim 1, wherein the secure interface control comprises firmware, hardware, or a combination of firmware and hardware.

(Cancelled)

(Currently Amended) A system comprising: a memory; and
a secure interface control of a processing unit configured to perform a plurality of operations comprising:
receiving a query for an amount of storage in the memory to be donated to the secure interface control, wherein the query is received from a hypervisor;
determining the amount of storage to be donated based on a plurality of secure entities supported by the secure interface control as a plurality of predetermined values;
returning a response to the query indicative of the amount of storage as a response to the query;
receiving a donation of storage to secure for use by the secure interface control based on the response to the query, wherein the donation of storage is performed by the hypervisor; and
verifying a command sequence and completion status of a sequence of interactions for the donation of storage.

(Original) The system of claim 10, wherein the predetermined values comprise an amount of base zone-specific host-absolute storage required, an amount of base secure-guest- domain-specific host-absolute storage required, and an amount of base secure-guest-processor- specific host-absolute storage required.

(Original) The system of claim 11, wherein the amount of storage donated includes at least one variable value comprising an amount of variable secure-guest-domain-specific host- virtual storage.

(Original) The system of claim 12, wherein the amount of variable secure-guest-domain- specific host-virtual storage is defined per megabyte of secure-guest-domain reserved space.

(Original) The system of claim 10, wherein the predetermined values are reported separately as independent areas of the memory.

(Original) The system of claim 10, wherein the secure interface control is configured to perform operations comprising:
destroying one or more areas of donated storage based on determining that an associated entity has been destroyed.

(Original) The system of claim 10, wherein the secure interface control is 
registering the donation of storage in a zone-security table with an associated secure domain for use by the secure interface control.

(Original) The system of claim 10, wherein the secure interface control comprises firmware, hardware, or a combination of firmware and hardware.

(Cancelled)

 (Currently Amended) A computer program product comprising a computer readable storage medium, the computer readable storage medium comprising computer executable instructions, which when executed by a secure interface control of a processing unit causes the processing unit to perform a method comprising:
receiving a query for an amount of storage in memory to be donated to the secure interface control, wherein the query is received from a hypervisor;
determining the amount of storage to be donated based on a plurality of secure entities supported by the secure interface control as a plurality of predetermined values;
returning a response to the query indicative of the amount of storage as a response to the query;
receiving a donation of storage to secure for use by the secure interface control based on the response to the query, wherein the donation of storage is performed by the hypervisor; and


(Original) The computer program product of claim 19, wherein the predetermined values comprise an amount of base zone-specific host-absolute storage required, an amount of base secure-guest-domain-specific host-absolute storage required, and an amount of base secure- guest-processor-specific host-absolute storage required.

(Original) The computer program product of claim 20, wherein the amount of storage donated includes at least one variable value comprising an amount of variable secure-guest- domain-specific host-virtual storage.

(Original) The computer program product of claim 19, wherein the predetermined values are reported separately as independent areas of the memory.

(Original) The computer program product of claim 19, wherein the executable instructions further cause the processing unit to perform:
destroying one or more areas of donated storage based on determining that an associated entity has been destroyed.

(Cancelled)

(Original) A method comprising:
receiving a query, from an untrusted entity, for an amount of storage in memory of a computer system to be donated to a secure interface control of the computer system;
determining, by the secure interface control, the amount of storage to be donated based on a plurality of secure entities supported by the secure interface control as a plurality of predetermined values;
returning, by the secure interface control, a response to the query indicative of the amount of storage as a response to the query;
receiving a donation of storage from the untrusted entity for use by the secure interface control based on the response to the query and a command sequence received from the untrusted entity; and
verifying the command sequence and a completion status of interactions between the untrusted entity and the secure interface control.   



REASONS FOR ALLOWANCE
The following is an examiner’s statement of reasons for allowance:

	
Hepkin (US 2009/0307686 A1) discloses receiving a query for an amount of storage in memory to be donated (e.g. [0088] discloses computer implemented method, apparatus and computer program product for selective memory donation.  [0089] discloses hypervisor communicates memory donation requests to the OS of the virtual machine.  The operating system may make hypervisor calls and ask the hypervisor if the hypervisor determining the amount of storage to be donated (e.g. [0090] discloses when a virtual machine receives a donation request, the virtual machine’s OS checks to determine if more than threshold amount of the memory space is available for the VM.  If the available memory is more than threshold, the OS honors the donation request by reducing the size of the file cache and then donating the freed memory to hypervisor.  [0012] discloses determining whether a portion of a memory space being used for file caching exceeds a threshold.  If the threshold determination is true, a component of VM releases a part of the file cache that exceeds the threshold.  [0075] discloses an operating system may be configured to selectively respond to the memory donation requests from the hypervisor.  When OS receives the request, the OS determines if any part of the memory space being used can be freed for donation to the hypervisor.  [0080] determines if the memory usage is above a threshold usage level.  For example, amount to be donated is determined based on specified values such as more than 5 percent or 1GB of the memory space available to the VM.); returning a response to the query indicative of the amount of storage as a response to the query (e.g. [0089] discloses if the hypervisor responds affirmatively, a donation request form the hypervisor includes the amount of memory the hypervisor needs the OS to donate.  [0012] discloses determining whether a portion of a memory space being used for file caching exceeds a threshold.  If the threshold determination is true, a component of VM releases a part of the file cache that exceeds the threshold.  The part of the file cache forms a released file cache.  [0080] discloses responding to memory donation request when more than threshold amount of memory is receiving a donation of storage based on the response to the query (e.g. [0089-0090] discloses receiving the amount of freed memory as donation in response to donation request.  [0012] discloses in response to the request, the virtual machine makes the released file cache available to a requester of the request.  [0075] discloses honoring donation request.  Also see [0081].).

Belooshi  (US 2020/0250318 A1) discloses destroying one or more areas of donated storage based on determining that an associated entity has been destroyed (e.g. [0057] discloses having SLA agreement that the data does not remain in the cloud hard disk after deleting the VM.  With the content security policy which will guarantee the data storage deletion after VM termination.). 

Jeong et al. (US 2018/0285138 A1) discloses registering the donation of storage in a table (e.g. [0050] [0128] [0140] discloses virtual machine monitor may be configured to update the memory table in response to allocation, change and retrieval of the memory area.).

Van Riel et al. (US 10,474,382 B2) discloses “Traditionally, reallocating a storage block may involve wiping or clearing the existing content of the storage block prior to reallocating the storage block for security purposes. The technology described herein may enable hypervisor 120 to reallocate storage blocks in a more efficient and secure manner because storage reallocation component 124 may be able to distinguish between an encrypted storage block from an unencrypted storage block. As a result, storage 

Armstorng et al. (US 2018/0246848 A1) discloses securely donating virtual address space and memory space between logical partitions or VMs (e.g. “instantiating by a hypervisor a partition adjunct within a data processing system employing virtual address space donated to the partition adjunct by a logical partition of the data processing system, and wherein the instantiating includes associating a memory protection key with the donated virtual address space of the logical partition which allows access to the donated virtual address space by the partition adjunct and prevents access to the donated virtual address space by the logical partition;” “The hypervisor sets up hardware protection and enforcement of the donated virtual address space and donated memory, so that the client partition can no longer access that space 630.”  “The client partition donates a portion of its virtual address space and memory space and invokes hypervisor to instantiate the partition adjunct with the donated virtual address space and memory space.  The hypervisor then sets up appropriate hardware protection and enforcement of the donated virtual address space and memory space.”)

AlJahdali et al. (AlJahladi_2012.pdf; “Enhancing Multi-Tenancy Security in the Cloud IaaS Model over Public Deployment”; IEEE 2012; 978-0-7695-4944-6/12) disclose “To achieve easy management and better performance, Cloud providers utilize automated resource allocation techniques, which results in some cases of having two or more VMs belonging to different customers residing in the same physical machine. The 

However, the cited prior arts taken alone or in combination fail to teach, in combination with other claimed limitations, “receiving a query for an amount of storage in memory of a computer system to be donated to a secure interface control of the computer system, wherein the query is received from  a hypervisor; determining, by the secure interface control, the amount of storage to be donated based on a plurality of secure entities supported by the secure interface control as a plurality of predetermined values; returning, by the secure interface control, a response to the query indicative of the amount of storage as a response to the query; receiving a donation of storage to secure for use by the secure interface control based on the response to the query, wherein the donation of storage is performed by the hypervisor; and verifying, by the secure interface control, a command sequence and completion status of a sequence of interactions for the donation of storage” as recited in independent claims 1, 10 and 19. 

The cited prior arts taken alone or in combination also fail to teach “receiving a query, from an untrusted entity, for an amount of storage in memory of a computer system to be donated to a secure interface control of the computer system; determining, by the secure interface control, the amount of storage to be donated based on a plurality of secure entities supported by the secure interface control as a plurality of predetermined values; returning, by the secure interface control, a response to the query indicative of the amount of storage as a response to the query; receiving a donation of storage from the untrusted entity for use by the secure interface control based on the response to the query and a command sequence received from the untrusted entity; and verifying the command sequence and a completion status of interactions between the untrusted entity and the secure interface control” as recited in independent claim 25. 

These claimed limitations are not present in the prior art of record and would not have been obvious, thus all pending claims 1-2, 4-7, 9-11, 13-16, 30-35 and 40-56 are allowed.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Hiren Patel whose telephone number is (571) 270-3366.  The examiner can normally be reached on Monday to Friday 9:30 AM to 6:00 PM.		
If attempts to reach the above noted Examiner by telephone are unsuccessful, the Examiner’s supervisor, Emerson Puente, can be reached at the following telephone number: (571) 272-3652. 



March 11, 2021


/HIREN P PATEL/Primary Examiner, Art Unit 2196