DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Application
This office action is in response to the Application filed on 08/27/2019.  
Claims 1-20 are presented for examination. 
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 08/27/2019 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement has being considered by the examiner.
Drawings
The drawings submitted on 08/27/2019 are accepted.
Specification
The lengthy specification has not been checked to the extent necessary to determine the presence of all possible minor errors. Applicant’s cooperation is requested in correcting any errors of which applicant may become aware in the specification.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim(s) 12 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
As to claim(s) 12, it is unclear what technique is involved regarding “removing a kernel module from the range of memory” concerning “execute-only access”. Examiner cannot find any disclosure of “removing a kernel module from the range of memory” regarding “execute-only access” in the specification. 
Claim Rejections - 35 USC § 103
In the event a determination of the status of the application as subject to AIA  35 U.S.C. 102, 103, and 112 (or as subject to pre-AIA  35 U.S.C. 102, 103, and 112) is incorrect, any correction of the statutory basis for a rejection will not be considered a new ground of rejection if the prior art relied upon and/or the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Tsirkin et al. (US 2017/0249173; hereinafter Tsirkin), in view of Ramakrishnan Nair (US 2014/0173600).
Regarding independent claim 1, Tsirkin teaches a method comprising:
initiating, by a hypervisor executing on a computing host comprising a processor device, a virtual machine comprising a guest operating system ([0002], The hypervisor allocates a certain amount of the host's resources, such as the host's underlying physical processors and memory devices, to each of the virtual machines, allowing the virtual machines to transparently access the host's resources; Fig. 1 & [0026], virtual machines 110 are platforms on which operating systems referred to as guest operating systems run. The guest operating systems may be referred to as “guests”);
receiving, by the hypervisor, a request from the guest operating system requesting that a range of memory utilized by the guest operating system be identified ([0033], guest 111 {guest operating system} invokes a hypercall {request} that causes hypervisor 108 to set permissions of a set of memory pages {a range of memory} corresponding to memory allocated to the guest to a particular access mode; [0043], Guest 111 may invoke a hypercall enabling passing the guest physical memory addresses at which the memory pages storing the kernel executable code are stored, requesting permission to execute these memory pages); 
Tsirkin teaches several examples of access permissions including “read-write-execute only”, “read-execute only” and a particular access mode in [0039], Examples of access permissions are read-only, write-only, read-execute only, read-write only, and read-write-execute only. Although Tsirkin does not explicitly teach execute-only, In an analogous art of virtualization, Ramakrishnan Nair teaches memory page is “execute-only” ([0095], page is maintained execute-only (i.e., read/write protected) by using the INTEL® VT feature of extended page table (EPT); [0099], all sensitive information used from the host are contained in the execute-only … thus no guest process can read or modify;
[0136], INTEL® VT-x extended page table (EPT) provides the capability to map pages as execute-only and read/write protected. This is enabled by setting the bit 0 of IA32_VMX_EPT_VPID_CAP MSR (i.e., index 48CH)).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention was made, with the teachings of Tsirkin and Ramakrishnan Nair before them, to improve Tsirkin’s marking the range of memory as “read-write-execute only” or “read-execute only” with Ramakrishnan Nair’s marking the memory page as “execute-only” for the benefits of improved security that all sensitive information are contained in the execute-only space that disables the memory permissions of Read and Write for each of the specified memory pages (Ramakrishnan Nair, [0099]). Thus, the combination of Tsirkin and Ramakrishnan Nair teaches receiving, by the hypervisor, a request from the guest operating system requesting that a range of memory utilized by the guest operating system be identified as being execute-only access.
The combination of Tsirkin and Ramakrishnan Nair further teaches
marking, by the hypervisor, at least one physical page of memory that includes the range of memory as being execute-only access (Tsirkin, [0044], Hypervisor 108 receives the request and enables execution by modifying the permissions in hypervisor page tables 220. Hypervisor 108 may set bits in hypervisor page tables 220 based on the requested access permissions. The hypercall may be used by application code protector 210 to manipulate the permissions in hypervisor page tables 220).
Regarding independent claim 14, Tsirkin teaches a computing device, comprising:
a memory; and a processor device coupled to the memory ([0031] & Fig. 2, processor 104, memory 106, & [0023]-[0024]) to: … 
(Claim recites substantially the same limitations as in claim 1, and is therefore rejected for the same reasons set forth in the analysis of claim 1).
Additionally, in view of Tsirkin and Ramakrishnan Nair further teaches initiate a hypervisor (Ramakrishnan Nair, [0127]-[0128], When the host (i.e., device hypervisor) is initialized, the host calls SETDHBASE to allow the system to store the base address of its page table).
Regarding independent claim 18, Tsirkin teaches a computer program product stored on a non-transitory computer-readable storage medium and including instructions configured to cause a processor device ([0007], a non-transitory machine-readable medium includes a plurality of machine-readable instructions that when executed by one or more processors are adapted to cause the one or more processors to perform a method) to: …
(Claim recites substantially the same limitations as in claims 1 & 14, and is therefore rejected for the same reasons set forth in the analysis of claims 1 & 14).
Regarding claim(s) 2, 15 and 19, in view of Tsirkin, Ramakrishnan Nair further teaches determining, by the hypervisor, that the processor device has a capability to limit access to physical pages of memory to execute-only access (
[0080], During the early phase of booting of the guest OS, a device manager client 541 performs a hypercall to the host to pull a list of virtual device configurations, and the corresponding virtual device drivers to be loaded on the guest OS; [0127]-[0128] & [0136], INTEL® VT-x extended page table (EPT) provides the capability to map pages as execute-only and read/write protected. This is enabled by setting the bit 0 of IA32_VMX_EPT_VPID_CAP MSR (i.e., index 48CH)).
Regarding claim(s) 3, in view of Tsirkin, Ramakrishnan Nair further teaches wherein determining that the processor device has the capability to limit access to physical pages of memory to execute-only access comprises accessing a control register of the processor device that indicates whether the processor device is capable of limiting access to physical pages of memory to execute-only access ([0136], INTEL® VT-x extended page table (EPT) provides the capability to map pages as execute-only and read/write protected. This is enabled by setting the bit 0 of IA32_VMX_EPT_VPID_CAP MSR (i.e., index 48CH)).
Regarding claim(s) 4, in view of Tsirkin, Ramakrishnan Nair further teaches modifying CPUID information of a virtual processor device that indicates the processor device has a capability to limit access to physical pages of memory to execute-only access ([0136], INTEL® VT-x extended page table (EPT) provides the capability to map pages as execute-only and read/write protected. This is enabled by setting {modifying} the bit 0 {CPUID information} of IA32_VMX_EPT_VPID_CAP MSR (i.e., index 48CH)).
Regarding claim(s) 5, in view of Tsirkin, Ramakrishnan Nair further teaches requesting, by the guest operating system, the CPUID information of the virtual processor device; and based on the CPUID information, determining that the processor device has the capability to limit access to physical pages of memory to execute-only access ([0080], During the early phase of booting of the guest OS, a device manager client 541 performs a hypercall to the host to pull a list of virtual device configurations, and the corresponding virtual device drivers to be loaded on the guest OS; [0127]-[0128] & [0136], INTEL® VT-x extended page table (EPT) provides the capability to map pages as execute-only and read/write protected. This is enabled by setting the bit 0 of IA32_VMX_EPT_VPID_CAP MSR (i.e., index 48CH)).
Regarding claim(s) 6, the combination of Tsirkin and Ramakrishnan Nair further teaches wherein receiving, by the hypervisor, the request from the guest operating system comprises receiving, from the guest operating system, a hypercall that includes a range of memory addresses (Tsirkin, [0033], guest 111 invokes a hypercall that causes hypervisor 108 to set permissions of a set of memory pages corresponding to memory allocated to the guest; [0043], kernel 204 detects the loading of application 202-1 and a range of guest physical memory addresses that should be executable by the application. Guest 111 may invoke a hypercall enabling passing the guest physical memory addresses at which the memory pages storing the kernel executable code are stored, requesting permission).
Regarding claim(s) 7, 16 and 20, the combination of Tsirkin and Ramakrishnan Nair further teaches wherein the request from the guest operating system comprises a range of guest operating system memory addresses (Tsirkin, [0033], [0043]) and further comprising: translating the guest operating system memory addresses to a range of physical memory addresses (Tsirkin, [0036], Kernel 204 maintains data structures that map {translating} the virtual memory of each application into the physical memory of the computer. The data structures may be page tables that establish an association between the virtual addresses of a user process and the physical memory of the system. For each application executing in host machine 102, kernel 204 may create a set of page tables to map virtual addresses assigned to the respective application to physical address in memory 106);
determining at least one physical page of memory that includes memory addressed by the range of physical memory addresses (Tsirkin, [0043], kernel 204 detects the loading of application 202-1 and a range of guest physical memory addresses that should be executable by the application. Guest 111 may invoke a hypercall enabling passing the guest physical memory addresses at which the memory pages storing the kernel executable code are stored, requesting permission to execute these memory pages);
accessing at least one page table entry of a page table, the at least one page table entry corresponding to the at least one physical page of memory (Tsirkin, [0036], Kernel 204 maintains data structures that map {translating} the virtual memory of each application into the physical memory of the computer. The data structures may be page tables that establish an association between the virtual addresses of a user process and the physical memory of the system;
[0044], Hypervisor 108 receives the request and enables execution by modifying the permissions in hypervisor page tables 220. Hypervisor 108 may set bits in hypervisor page tables 220 based on the requested access permissions); and
modifying information in the at least one page table entry to identify the at least one physical page of memory as being execute-only access (Tsirkin, [0038], Setting a set of physical memory pages to a desired permission may refer to setting the physical memory addresses at which the physical memory pages are stored to the desired permission; 
[0044], Hypervisor 108 may set bits in hypervisor page tables 220 based on the requested access permissions. 
Note that, Ramakrishnan Nair teaches memory page is “execute-only” in [0095], page is maintained execute-only (i.e., read/write protected) by using the INTEL® VT feature of extended page table (EPT)).
Regarding claim(s) 8, the combination of Tsirkin and Ramakrishnan Nair further teaches wherein the processor device determines access rights to physical pages of memory based on information in the page table (Tsirkin, [0044], Hypervisor 108 may set bits in hypervisor page tables 220 based on the requested access permissions. The hypercall may be used by application code protector 210 to manipulate the permissions in hypervisor page tables 220;
Ramakrishnan Nair teaches memory page is “execute-only” in [0095], page is maintained execute-only (i.e., read/write protected) by using the INTEL® VT feature of extended page table (EPT)).
Regarding claim(s) 9, the combination of Tsirkin and Ramakrishnan Nair further teaches initiating, by the guest operating system, a kernel module into the range of memory (Tsirkin, [0044], application code protector 210 detects that application 202-1 is being loaded and determines which guest physical memory pages {range of memory} allocated to the application should be executable;
Note that, it is well known in the art that a kernel module is an obvious choice of an application, which is executable and loadable into a range of memory); and 
communicating, to the hypervisor, the request that the range of memory be identified as being execute-only access ([0044], send a request for permission to execute the physical memory pages storing executable application code to hypervisor 108. The request may include the guest physical memory addresses of these memory pages. In some examples, application code protector 210 invokes a hypercall and passes the guest physical addresses of the physical memory pages, requesting permission to execute these pages. Hypervisor 108 receives the request and enables execution by modifying the permissions in hypervisor page tables 220. Hypervisor 108 may set bits in hypervisor page tables 220 based on the requested access permissions; 
Ramakrishnan Nair teaches memory page is “execute-only” in [0095], page is maintained execute-only (i.e., read/write protected) by using the INTEL® VT feature of extended page table (EPT)).
Regarding claim(s) 10, the combination of Tsirkin and Ramakrishnan Nair further teaches initiating, by the guest operating system, a firmware module into the range of memory (Tsirkin, [0044], application code protector 210 detects that application 202-1 (e.g., a firmware module) is being loaded and determines which guest physical memory pages {range of memory} allocated to the application should be executable.
Note that, it is well known in the art that a firmware module is an obvious choice of an application, which is executable and loadable into a range of memory); and 
communicating, to the hypervisor, the request that the range of memory be identified as being execute-only access (Tsirkin, [0044], send a request for permission to execute the physical memory pages storing executable application code to hypervisor 108. The request may include the guest physical memory addresses of these memory pages. In some examples, application code protector 210 invokes a hypercall and passes the guest physical addresses of the physical memory pages, requesting permission to execute these pages. Hypervisor 108 receives the request and enables execution by modifying the permissions in hypervisor page tables 220. Hypervisor 108 may set bits in hypervisor page tables 220 based on the requested access permissions; 
Ramakrishnan Nair teaches memory page is “execute-only” in [0095], page is maintained execute-only (i.e., read/write protected) by using the INTEL® VT feature of extended page table (EPT)).
Regarding claim(s) 11 and 17, the combination of Tsirkin and Ramakrishnan Nair further teaches receiving, from the guest operating system, a request to identify the range of memory as not being limited to execute-only access ([0044], Hypervisor 108 may set bits in hypervisor page tables 220 based on the requested access permissions. The hypercall may be used by application code protector 210 to manipulate the permissions in hypervisor page tables 220); and marking the at least one physical page of memory as not being execute-only access ([0038]-[0039], Hypervisor 108 sets permissions on the guest physical addresses by, for example, setting a set of physical memory pages stored at the guest physical memory addresses in accordance with the desired permissions in hypervisor page tables 220… Examples of access permissions are read-only, write-only {not being execute-only access}).
Regarding claim(s) 12, the combination of Tsirkin and Ramakrishnan Nair further teaches removing, by the guest operating system, a kernel module from the range of memory; and communicating the request to identify the range of memory as not being limited to execute-only access (Tsirkin, [0044], application code protector 210 detects that application 202-1 (e.g., a kernel module) is being loaded and determines which guest physical memory pages {range of memory} allocated to the application should be executable.
Note that, it is well known in the art that a kernel module is an obvious choice of an application, which is executable and loadable into a range of memory. Further note that, when the executable code, e.g., kernel code, is unloaded from the range of memory, the “execute only” setting is not needed. Thus. the range of memory as not being limited to execute-only access would be obvious.
[0038]-[0039], Hypervisor 108 sets permissions on the guest physical addresses by, for example, setting a set of physical memory pages stored at the guest physical memory addresses in accordance with the desired permissions in hypervisor page tables 220).
Regarding claim(s) 13, the combination of Tsirkin and Ramakrishnan Nair further teaches determining, by the hypervisor, that a plurality of physical pages of memory encompasses the range of memory; and marking, by the hypervisor, the plurality of physical pages of memory as being execute-only access (Tsirkin, [0044], Application code protector 210 may send a request for permission to execute the physical memory pages storing executable application code to hypervisor 108. The request may include the guest physical memory addresses of these memory pages. In some examples, application code protector 210 invokes a hypercall and passes the guest physical addresses of the physical memory pages… Hypervisor 108 may set bits in hypervisor page tables 220 based on the requested access permissions. The hypercall may be used by application code protector 210 to manipulate the permissions in hypervisor page tables 220).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRACY C. CHAN whose telephone number is (571) 272-9992.  The examiner can normally be reached on Monday - Friday 9 AM to 5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ADAM M. QUELER can be reached on 571-272-4140.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/TRACY C CHAN/Primary Examiner, Art Unit 2137