DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Zimmer et al. US 2003/0061497 A1 in view of Bircher et al. US 2007/0208883 A1.

	Zimmer teaches:
1. A non-transitory computer readable medium having program instructions stored therein that are executable by a computing device to cause the computing device to perform operations comprising: 
initiating, by a bootloader, a boot sequence to load an operating system of the computing device; [para. 0002, DXE phase]
Zimmer does not teach the following limitation, however, Bircher teaches:
detecting, by the bootloader, a peripheral device inserted into the computing device [Fig. 1 176, 177, 167], wherein the peripheral device has firmware [option rom] to be executed during the boot sequence to initialize the peripheral device for use by the computing device; [para. 0022, “Although not all expansion adapters contain option ROM, an expansion adapter usually requires option ROM when system BIOS utilizes the expansion adapter before the operating system loads or when the expansion adapter operates in a manner too complex for system BIOS to control directly.”] and 
Zimmer further teaches:
in response to the detecting, instantiating, by the bootloader, a sandbox that isolates the firmware from the bootloader.  [para. 0020, “The emulation of a legacy environment to support legacy operating systems and legacy option ROMs and the emulation of a physical mode environment to provide protected execution and storage in accordance with the present invention can be implemented by hardware and/or software contained within computing system 100.” And para. 0026, “In one embodiment the VMM may sandbox the state that code introduced from adapter cards and via third-party drivers could corrupt.”]

It would have been obvious to a person having ordinary skill in the art at the time of filing to combine the teachings of Bircher with those of Zimmer to arrive at the invention as claimed.  A person having ordinary skill in the art would have been motivated to combine the teachings because Bircher teaches that option rom is typically initialized in the pre-OS environment for expansion cards containing option rom, and that isolating the currently initializing expansion card is useful to prevent other expansion card option rom from potentially interfering with the characterization and mapping process.  (See para 0011).


Zimmer teaches:
2. The computer readable medium of claim 1, wherein the operations comprise: loading the firmware from an option read-only memory (OROM) included the peripheral device; and executing the firmware during the boot sequence to initialize the peripheral device.
[para. 0014, “For example, the VM emulates the PC/AT environment allowing a legacy option ROM to run and effect its I/O services.”]

	Zimmer teaches:
3. The computer readable medium of claim 1, wherein the operations comprise: 
assigning, by the bootloader, one or more memory address ranges to the firmware; and 
restricting, by the sandbox, the firmware from accessing memory addresses that are not included in the assigned one or more memory address ranges.
[para. 0024, “A VMM may be used to provide pre-boot security by sandboxing programs from third parties. Running a program in sandbox mode prevents the program from having access to the rest of the system. The code can be trusted, as it cannot harm the rest of the system. The application can be given access to a subset of the system resources, and access to portions of the memory map not designated for updates would trap to the VMM. A VMM pre-boot policy agent may then protect state and unload problematic software.”]

	Zimmer teaches:

	

	Zimmer teaches:
5. The computer readable medium of claim 3, wherein the assigning includes assigning a memory-mapped input/output (MMIO) address range of the peripheral device to the firmware; and wherein the restricting includes preventing the firmware from accessing an MMIO address of another peripheral device of the computing device.  [para. 0024]

	Zimmer teaches:
6. The computer readable medium of claim 3, wherein the operations comprise: 
servicing direct memory access (DMA) requests from the peripheral device that specify addresses within the one or more memory address ranges; and 
preventing direct memory access (DMA) requests from the peripheral device that specify addresses outside of the one or more address ranges.  [para. 0024]
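
The address-range restriction recited in claims 3, 5 and 6 can be pictured as a single containment check applied to every firmware memory access and every DMA request. The following C sketch is an added illustration, not code from the application, Zimmer or Bircher; the structure names, the function name and all addresses are hypothetical and constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One address window the bootloader assigned to the option ROM firmware. */
struct range { uint64_t base; uint64_t len; };

/* Hypothetical sandbox policy for one peripheral's firmware. */
struct sandbox { const struct range *assigned; size_t count; };

/* Constructed sample: a scratch RAM window plus the device's own MMIO window. */
static const struct range oprom_ranges[] = {
    { 0x00100000u, 0x10000u },  /* assigned RAM */
    { 0xFEB00000u, 0x1000u  },  /* this peripheral's MMIO range */
};
static const struct sandbox oprom_sb = { oprom_ranges, 2 };

/* True only if [addr, addr + size) lies wholly inside one assigned range.
 * Used for both firmware loads/stores and DMA requests from the device. */
bool sandbox_allows(const struct sandbox *sb, uint64_t addr, uint64_t size)
{
    if (size == 0)
        return false;               /* reject degenerate requests */
    for (size_t i = 0; i < sb->count; i++) {
        const struct range *r = &sb->assigned[i];
        if (addr < r->base)
            continue;
        uint64_t off = addr - r->base;
        /* Compare by subtraction so addr + size can never wrap around. */
        if (off < r->len && size <= r->len - off)
            return true;
    }
    return false;                   /* default deny: trap to the bootloader */
}

int main(void)
{
    /* Own MMIO register: serviced. Another device's MMIO: prevented. */
    printf("own MMIO:    %d\n", sandbox_allows(&oprom_sb, 0xFEB00010u, 4));
    printf("other MMIO:  %d\n", sandbox_allows(&oprom_sb, 0xFEC00000u, 4));
    /* DMA that starts inside the RAM window but runs past its end. */
    printf("straddling:  %d\n", sandbox_allows(&oprom_sb, 0x0010FFFCu, 8));
    return 0;
}
```

A request is serviced only when it fits entirely inside one assigned range; a request that begins inside a range and runs past its end is refused, as is one whose length would wrap the address space.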


	Zimmer teaches:
7. The computer readable medium of claim 1, wherein the operations comprise: 
executing the bootloader in a kernel mode in which the bootloader is executed with an unrestricted set of privileges [para. 0027]; and 


	Zimmer teaches:
8. The computer readable medium of claim 7, wherein the operations comprise: 
receiving, by the sandbox, a request from the firmware to cause the bootloader to perform an operation; [para. 0023]
in response to receiving the request, invoking, by the sandbox, a system call to cause a processor of the computing device to transition to executing the bootloader in the kernel mode; and performing, by the bootloader, the operation in response to a determination that the firmware is permitted to request the operation.  [para. 0023]

9. The computer readable medium of claim 7, wherein the operations comprise: 
receiving, by the sandbox, a request from the bootloader to cause the firmware to perform an operation [para. 0024]; and 
in response to receiving the request, invoking, by the sandbox, a system return to cause a processor of the computing device to transition to executing the firmware in the application mode.  [para. 0024]

10. The computer readable medium of claim 1, wherein the bootloader supports a plurality of Unified Extensible Firmware Interface (UEFI) protocols usable to communicate data; and wherein the operations comprise: restricting, by the sandbox, the firmware to using only a subset of the supported plurality of UEFI protocols. [para. 0024-0027]

	Regarding claims 11-20, these method and apparatus claims implement the code stored on the CRM claim above and are rejected on the same grounds and rationale as the CRM claims above.


Response to Arguments
Applicant’s arguments, see remarks, filed 05 April 2021, with respect to the rejection(s) of claim(s) 1-20 under 35 USC 102(a)(1) have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Bircher et al. US 2007/0208883 A1.  Applicant’s amended claim seeks to distinguish from the Zimmer reference because Zimmer is directed towards an emulation environment which isolates (sandboxes) option rom in the pre-OS environment.  The amendment distinguishes from Zimmer because the option rom is targeting emulated hardware.  Zimmer uses a bootloader for a virtual (hypervisor) environment.  The bootloader is loading a virtualized OS.  Newly found reference Bircher sandboxes option rom and is directed towards a non-emulated or virtual environment.  Bircher isolates the selected option rom in a pre-boot characterization process by holding the other expansion boards in a reset state so they don’t interfere.  The problem with applicant’s claim is that it does not recite how the sandboxing or isolating occurs.  Thus the claim is so broad that it preempts any form of option rom isolation in the pre-boot environment.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY COLLINS whose telephone number is (571)270-0473.  The examiner can normally be reached on Monday - Friday 9-530 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Thomas Lee can be reached on (571) 272-3667.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to 






/GARY COLLINS/Examiner, Art Unit 2115