DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Allowable Subject Matter
Claims 2-7, 10-15, and 18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims (and if all rejections under all other sections are overcome). 
The following is the listing of the closest prior art:
Hakewill (US 2012/0079164) teaches controlling guest virtual machine access to a context.  (Note that a context reads on the recited “view” of claim 2.)  Hakewill teaches mapping guest physical addresses to (host) physical addresses.  See Hakewill Abstract.  Hakewill also teaches allowing kernel privileged code to execute (and by implication does not allow non-privileged code to execute) in a privileged context (e.g. the kernel).  Hakewill does not clearly teach the combination of storing external code in one view and internal code in the other view of the host physical address range and for at least that reason fails to teach the combination of “determining, by a processor of a computer, a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, the plurality of entries are in a one-to-one correspondence to a plurality of guest virtual addresses, each entry of the plurality of entries comprises first information, the respective first information of each entry indicates whether a guest virtual address corresponding to the respective entry has been assigned a guest physical address, and wherein, for each entry in which the first information of the respective entry indicates that the guest virtual address corresponding to the
Warkentin (US 10,002,084) teaches checking access privilege levels for different memory areas in a virtual machine using page table entries including access permissions in the page table entries.  See Warkentin paragraph 20.  Warkentin does not clearly discuss page tables mapping guest physical and host physical addresses so the reference cannot teach the access rule of claim 2 or render obvious the recited material of claims 1 and 2 of “determining, by a processor of a computer, a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, the plurality of entries are in a one-to-one correspondence to a plurality of guest virtual addresses, each entry of the plurality of entries comprises first information, the respective first information of each entry indicates whether a guest virtual address corresponding to the respective entry has been assigned a guest physical address, and wherein, for each entry in which the first information of the respective entry indicates that the guest virtual address corresponding to the respective entry has been assigned the guest physical address, the respective entry further comprises 
Steinberg (US 10,447,728) teaches different permissions for different contexts in a system with mapping between guest physical and host physical mappings.  Steinberg does not clearly state that the guest physical and host physical mapping entries indicate a rule that allows/forbids access by internal/external code and therefore cannot teach the recited “determining, by a processor of a computer, a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, the plurality of entries are in a one-to-one correspondence to a plurality of guest virtual addresses, each entry of the plurality of entries comprises first information, the respective first information of each entry indicates whether a guest virtual address corresponding to the respective entry has been assigned a guest physical address, and wherein, for each entry in which the first information of the respective entry indicates that the guest virtual address corresponding to the respective entry has been assigned the guest physical address, the respective entry further comprises second information, the second information indicating an access permission of the corresponding assigned guest physical address; determining, by the processor, a target entry from the








Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.
Claim 1 recites “a guest virtual/physical address” at lines 7, 8, 14, and 15.  It is not clear whether all instances of “a guest physical/virtual address” refer to the same address or if a new guest address is being introduced.  Note that antecedent basis generally requires only the first reference to an item to be introduced with the indefinite article (“a”) and subsequent references to the same item to use the definite article (“the”).
Claim 9 recites “a guest virtual/physical address” at lines 12, 13, 19, 20, and 23.  It is not clear whether all instances of “a guest virtual/physical address” refer to the same address or if a new guest physical address is being introduced.  Note that antecedent basis generally requires only the first reference to an item to be introduced with the indefinite article (“a”) and subsequent references to the same item to use the definite article (“the”).
Claim 17 recites “a guest virtual/physical address” at lines 8, 9, 15, 16, and 19.  It is not clear whether all instances of “a
Claim 20 recites “a guest virtual/physical address” at lines 9, 10, 16, 17, and 20.  It is not clear whether all instances of “a guest virtual/physical address” refer to the same address or if a new guest physical address is being introduced.  Note that antecedent basis generally requires only the first reference to an item to be introduced with the indefinite article (“a”) and subsequent references to the same item to use the definite article (“the”).
All dependent claims are rejected as containing the limitations of the claims from which they depend.  



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 9, 17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Warkentin (US 10,002,084) and Steinberg (US 10,447,728, filed 2016).
1. A method, comprising: 
determining, by a processor of a computer, a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, (With respect to claim interpretation, the recited “determining . . . a page table . . . based on a page directory base address” is interpreted as referring to a page table accessed using page addresses (i.e. a page table “determined” based on its entries). Note also that denoting a process as a “sample process” does not require steps to be performed or limit (the process) to a particular structure.  See MPEP §§ 2103 and 2111.04.  Note that all references are to repeated steps (i.e. processes in the prior art run repeatedly).  Warkentin teaches: “Each enabled stage of address translation in a translation scheme uses memory mapped tables referred to as page tables 122. A given address translation requires one or more lookups of page tables 122 (referred to as one or more levels of lookup). A page table walk is the set of lookups required to translate a VA to a PA. Page tables 122 are organized into hierarchies, where each page table hierarchy includes a base table and a plurality of additional tables corresponding to one or more additional levels. For example, the ARM®v8 architecture specifies up to four levels of page tables referred to as level 0 through level 3 tables.”  Warkentin paragraph 17.  “Kernel 140 provides operating system functionality (e.g., process creation and control, file system, process threads, etc.), as well as CPU scheduling and memory scheduling across guest software in VMs 132, VMMs 144, and user program(s) 142.”  Warkentin paragraph 25.)
the plurality of entries are in a one-to-one correspondence to a plurality of guest virtual addresses, each entry of the plurality of entries comprises first information, the respective first information of each entry indicates whether a guest virtual address corresponding to the respective entry has been assigned a guest physical address, and wherein, for each entry in which the first information of the respective entry indicates that the guest virtual address corresponding to the respective entry has been assigned the guest physical address, (The previously cited art does not expressly state that the page tables contain guest virtual to guest physical address page table entries.  
Steinberg teaches: “More generally, the virtualization layer may apply the protection profile to override the permissions configured by the guest operating system kernel in the guest page tables (for the guest-virtual address to guest-physical address translations) with the permissions configured by the virtualization layer in the nested page tables (for the guest-physical address to host-physical address translations) on a per-page and per-process basis.”  Steinberg paragraph 17.
It would have been obvious to one of ordinary skill in the art to combine the teaching of Steinberg because the mappings in the reference avoid the difficulty of programming applications to share address space with other applications (i.e. the mapping allows the use of virtual memory).) the respective entry further comprises second information, the second information indicating an access permission of the corresponding assigned guest physical address; determining, by the processor, a target entry from the page table of the sample process, wherein a value of first information of the target entry indicates that a guest virtual address corresponding to the target entry has been assigned a guest physical address, and an access permission indicated by second information of the target entry is execution allowed; (“More generally, the virtualization layer may apply the protection profile to override the permissions configured by the guest operating system kernel in the guest page tables (for the guest-virtual address to guest-physical address translations) with the permissions configured by the virtualization layer in the nested page tables (for the guest-physical address to host-physical address translations) on a per-page and per-process basis.”  Steinberg paragraph 17.  “Advantageously, the guest process protection technique provides protection at the granularity of memory pages (or sub-pages) for a guest process running in a guest operating system.”  Steinberg paragraph 18.) 
determining, by the processor, a target guest physical address based on the target entry, wherein the target guest physical address is the guest physical address that has been assigned to the guest virtual address corresponding to the target entry; determining, by the processor, a target host physical address corresponding to the target guest physical address; (“The guest operating system kernel 230 may create one or more sets of guest page tables (GPT) 410, wherein there is typically one set of guest page tables per guest process 240 that perform a first translation from a guest virtual (linear) address 415 to a guest-physical address 425. . . . Virtualization provides one or more additional page tables, i.e., nested page tables (NPT) 430, layered underneath (i.e., nested with) the GPT 410. The nested page tables 430 may be utilized to perform a second translation from the guest-physical address 425 to a host-physical address 435, wherein the host-physical address 435 is an address used to access (physical) main memory 220. The translation of guest-physical address 425 to host-physical address 435 may be flexible, i.e., such translation may be implemented on a per page basis to determine how each guest-physical address 425 is translated to a host-physical address 435.”  Steinberg paragraph 43-44.) and monitoring, by the processor, behavior of accessing a memory space indicated by the target host physical address, wherein the memory space is of a memory comprised in the computer. (“It should be noted that either arrangement may provide additional functionality, wherein each translation stage may define access permissions on a page granularity. That is, for each page referenced by a page table, access permissions may be specified as to whether the page is readable (r) writeable (w), or executable (x).”  Steinberg paragraph 46.)
9. An apparatus, comprising: a memory, configured to provide memory space; a processor; and a memory controller, configured to control access of the processor to the memory space based on an access request sent by the processor; and wherein the processor is configured to: 
determine a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is a process generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, the plurality of entries are in one-to-one correspondence to a plurality of guest virtual addresses, each entry of the plurality of entries comprises first information, the first information of each entry of the plurality of entries indicates whether a guest virtual address corresponding to the respective entry has been assigned a guest physical address, and wherein, for each entry in which the first information of the respective entry indicates that the guest virtual address corresponding to the respective entry has been assigned the guest physical address, the respective entry further comprises second information, the second information indicating an (See rejection of claim 1.)
17. A computer chip, comprising: at least one processor, configured to perform the following operations: 
determining a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, the plurality of entries are in one-to-one correspondence to a plurality of guest virtual addresses, each entry of the plurality of entries comprises first information, the first information of each entry indicates whether a guest virtual address corresponding to the respective entry has been assigned a guest physical address, and wherein, for each entry in which the first information of the respective entry indicates that the guest virtual address corresponding to the respective entry has been assigned the guest physical address, the respective entry further comprises second information, the second information indicating an access permission of the corresponding assigned guest physical address; determining a target entry from the page table of the sample process, wherein a value of first information of the target entry indicates that a guest virtual address (See rejection of claim 1.)
20. A computer-readable storage medium, comprising a computer program, wherein when the computer program runs on a computer device, a processor comprised in the computer device is caused to perform the following operations: 
determining a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is a process generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, the plurality of entries are in one-to-one correspondence to a plurality of guest virtual addresses, each entry of the plurality of entries comprises first information, the first information of each entry indicates whether a guest virtual address corresponding to the respective entry has been assigned a guest physical address, and wherein, for each entry in which the first information of the respective entry indicates that the guest virtual address corresponding to the respective entry has been assigned the guest physical address, the respective entry further comprises second information, the second information indicating an access permission of the assigned guest physical address; determining a target entry from the page table of the sample process, wherein a value of first information of the target entry indicates that a guest virtual address corresponding to the target entry has been assigned a guest physical address, and an access permission indicated by second information of the target entry is execution allowed; (See rejection of claim 1.)
Claims 8 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Warkentin and Steinberg and Berkley (CS61C Fall 2014).
8. The method according to claim 1, wherein 
each entry of the plurality of entries comprises 64 bits, and wherein, for each entry of the plurality of entries, first information of the respective entry comprises one bit, the first information of the respective entry occupies a 0th bit among the 64 bits, second information of the respective entry comprises one bit, and the second information of the respective entry occupies a 63rd bit among the 64 bits.  (Steinberg teaches: “More generally, the virtualization layer may apply the protection profile to override the permissions configured by the guest operating system kernel in the guest page tables (for the guest-virtual address to guest-physical address translations) with the permissions configured by the virtualization layer in the nested page tables (for the guest-physical address to host-physical address translations) on a per-page and per-process basis.”  Steinberg paragraph 17.  “Advantageously, the guest process protection technique provides protection at the granularity of memory pages (or sub-pages) for a guest process running in a guest operating system.”  Steinberg paragraph 18.  “Exemplary CPUs may include families of instruction set architectures based on the x86 CPU from Intel Corporation of Santa Clara, Calif., the x64 CPU from Advanced Micro Devices of Sunnyvale, Calif., and the ARM CPU from ARM Holdings, plc of the United Kingdom.” Steinberg paragraph 23.  “However, additional views of memory may be created for each guest process, such as where every view corresponds to a different (i.e., separate) nested page table. Thus, different guest processes may view the guest-physical memory differently (e.g., with different translations or different permissions to the host-physical memory).”  Steinberg paragraph 30.  “It should be noted that either arrangement may provide additional functionality, wherein each translation stage may define access permissions on a page granularity. 
That is, for each page referenced by a page table, access permissions may be specified as to whether the page is readable (r) writeable (w), or executable (x).”  Steinberg paragraph 46.  “Moreover, in response to detecting a context switch away from the agent, the nested page table 430 may be marked to render all of the agent code pages completely invisible, i.e., remove read, write and execute permissions in the NPT for those code pages. Thus, when inactive on a processor core, the agent's code pages appear "unplugged" from a main memory perspective, i.e., the pages seem to be not resident in memory 220. When the guest operating system switches back to the agent, the code pages may be made to reappear by again altering permissions (now allowing access) for those code pages in the NPT. Note that permissions for the code pages in the GPT, which is subject to attack in the guest mode, need not be altered other than pages used to translate access to the code pages themselves (i.e., pages storing portions of the GPT translating addresses of the code pages).”  Steinberg paragraph 74.  With respect to the “first information” note that all bits in the mapping entry “indicate that a guest virtual address corresponding to the target entry has been assigned a guest physical address”.  With respect to the second information, Steinberg teaches permissions indicating execution allowed for a given address mapping but does not expressly teach that the information is stored on the 63rd bit of the 64-bit addresses taught in the reference.
Berkley teaches storing access permission bits in page table entries with the physical page number.  See Berkley page 2, first figure.
It would have been obvious to one of ordinary skill in the art before the effective filing date to combine the teaching of Berkley because storing access bits in the page table entry reduces accesses (i.e. the permissions can be read without a separate access whenever the physical address is retrieved).
The previously cited art does not expressly teach the specific location of the bits used to indicate the second information.  
The specific placement of address bits used to indicate the second (and first) information would have been obvious to one of ordinary skill in the art as a mere rearrangement of parts because the location of the bit does not modify the function of the device. See MPEP § 2144.04.)
16. The apparatus according to claim 9, wherein 
each entry of the plurality of entries comprises 64 bits, and wherein, for each entry of the plurality of entries, first information of the respective entry comprises one bit, the first information of the respective entry occupies a 0th bit among the 64 bits, second information of the respective entry comprises one bit, and the second information of the respective entry occupies a 63rd bit among the 64 bits.  (See rejection of claim 8.)
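The entry selection and two-stage translation recited in claims 1 and 8, sketched in C as an added illustration; it is not part of the Office action, the application, or any cited reference. It assumes a flat leaf table, x86-64-style polarity for bit 63 (set means execution is not allowed), the guest-physical frame in bits 12-51, and a hypothetical flattened nested table `npt_map`; all sample values are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define PAGE_SHIFT    12
#define PTE_PRESENT   (1ULL << 0)   /* "first information": a GPA is assigned */
#define PTE_NX        (1ULL << 63)  /* "second information"; polarity assumed: set = no execute */
#define PTE_ADDR_MASK 0x000FFFFFFFFFF000ULL /* bits 12..51, assumed frame field */

/* Hypothetical flattened nested page table: guest frame -> host frame. */
struct npt_map { uint64_t gfn; uint64_t hfn; };

/* One host-physical page selected for monitoring. */
struct watch { uint64_t gva; uint64_t gpa; uint64_t hpa; };

/* Target entry: mapped (bit 0 set) and execution allowed (bit 63 clear). */
static int pte_is_target(uint64_t pte)
{
    return (pte & PTE_PRESENT) != 0 && (pte & PTE_NX) == 0;
}

/* Second-stage translation. Returns 1 and fills *hpa if the GPA is backed. */
static int gpa_to_hpa(const struct npt_map *npt, size_t n, uint64_t gpa, uint64_t *hpa)
{
    uint64_t gfn = gpa >> PAGE_SHIFT;
    for (size_t i = 0; i < n; i++) {
        if (npt[i].gfn == gfn) {
            *hpa = (npt[i].hfn << PAGE_SHIFT) | (gpa & ((1ULL << PAGE_SHIFT) - 1));
            return 1;
        }
    }
    return 0;
}

/* Scan a leaf table whose entry i maps gva_base + i * 4 KiB. Writes one
 * watch record per present, executable, host-backed page and returns the
 * number written. Arming the actual monitor is outside this sketch. */
static size_t collect_exec_pages(const uint64_t *pt, size_t n_pte, uint64_t gva_base,
                                 const struct npt_map *npt, size_t n_npt,
                                 struct watch *out, size_t out_cap)
{
    size_t count = 0;
    for (size_t i = 0; i < n_pte && count < out_cap; i++) {
        uint64_t hpa;
        if (!pte_is_target(pt[i]))
            continue;                       /* unmapped or non-executable */
        uint64_t gpa = pt[i] & PTE_ADDR_MASK;
        if (!gpa_to_hpa(npt, n_npt, gpa, &hpa))
            continue;                       /* no host backing yet */
        out[count].gva = gva_base + ((uint64_t)i << PAGE_SHIFT);
        out[count].gpa = gpa;
        out[count].hpa = hpa;
        count++;
    }
    return count;
}

/* Constructed sample data, not taken from any real guest. */
static const uint64_t SAMPLE_PT[] = {
    0x0000000000001005ULL, /* present, executable, GPA 0x1000 */
    0x8000000000002003ULL, /* present, bit 63 set: not executable */
    0x0000000000003000ULL, /* bit 0 clear: no GPA assigned */
    0x0000000000005005ULL, /* present, executable, GPA 0x5000 */
    0x0000000000009001ULL, /* present, executable, GPA 0x9000, no host mapping */
};
static const struct npt_map SAMPLE_NPT[] = {
    { 0x1, 0x80 }, { 0x2, 0x81 }, { 0x5, 0x9A },
};

int main(void)
{
    struct watch w[8];
    size_t n = collect_exec_pages(SAMPLE_PT, 5, 0x400000ULL, SAMPLE_NPT, 3, w, 8);
    for (size_t i = 0; i < n; i++)
        printf("watch gva=0x%llx gpa=0x%llx hpa=0x%llx\n",
               (unsigned long long)w[i].gva, (unsigned long long)w[i].gpa,
               (unsigned long long)w[i].hpa);
    return 0;
}
```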
Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Warkentin and Steinberg and Solomon (Inside Microsoft Windows 2000, Third Edition (Microsoft Programming Series)).
19. The computer chip according to claim 17, wherein the at least one processor is further configured to perform the following operations: 
determining a target guest virtual address corresponding to the target guest physical address based on a page table of the sample process; (See rejection of claim 1.) determining a (The previously cited art does not discuss virtual address descriptors. 
Solomon teaches: “the memory manager waits to create a page table until a thread incurs a page fault, and then it creates a page table for that page. This method significantly improves performance for processes that reserve and/or commit a lot of memory but access it sparsely. With the lazy-evaluation algorithm, allocating even large blocks of memory is a fast operation. This performance gain isn't without its trade-offs, however: when a thread allocates memory, the memory manager must respond with a range of addresses for the thread to use. Because the memory manager doesn't build page tables until the thread actually accesses the memory, it can't look to determine which virtual addresses are free. To solve this problem, the memory manager maintains another set of data structures to keep track of which virtual addresses have been reserved in the process's address space and which have not. These data structures are known as virtual address descriptors (VADs). For each process, the memory manager maintains a set of VADs that describes the status of the process's address space. VADs are structured as a self-balancing binary tree to make lookups efficient. . . . When a process reserves address space or maps a view of a section, the memory manager creates a VAD to store any information supplied by the allocation request, such as the range of addresses being reserved, whether the range will be shared or private, whether a child process can inherit the contents of the range, and the page protection applied to pages in the range. When a thread first accesses an address, the memory manager must create a PTE for the page containing the address. To do so, it finds the VAD whose address range contains the accessed address and uses the information it finds to fill in the PTE. 
If the address falls outside the range covered by the VAD or in a range of addresses that are reserved but not committed, the memory manager knows that the thread didn't allocate the memory before attempting to use it and therefore generates an access violation.”  Solomon page 6. 
It would have been obvious to one of ordinary skill in the art to combine the teaching of Solomon before the effective filing date because this helps with lazy creation of page table entries which avoids unnecessary work.)


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Title: INFORMATION PROCESSING APPARATUS, CONTROL CIRCUIT, AND CONTROL METHOD
Document I.D.: US 20140325123 A1
Reason Included: "For example, the information processing apparatus stores therein, for each storage area, the time at which information is written. Then, the information processing apparatus compares the stored time with the current time and then calculates the elapsed time since the information is written. Then, the information processing apparatus determines, in accordance with the result of the comparison between the elapsed time and a predetermined threshold, whether the information is to be rewritten." paragraph 0005.  "the NAND controller compares the time stored in the management information table with the current time counted by the time counter and then identifies data that has been stored for a predetermined time period after the data was written. Then, as illustrated by (l) in FIG. 3, the NAND controller moves the identified data to another block." paragraph 0048.

Title: SELF-JOURNALING AND HIERARCHICAL CONSISTENCY FOR NON-VOLATILE STORAGE
Document I.D.: US 20140082261 A1
Reason Included: "A malfunction results in information from the streams being stored in the NVM out-of-order with respect to each other. Time markers (e.g. epoch headers and/or timestamps) stored with the information in the streams enable determining relative ordering of the stream information that is stored in the NVM." paragraph 0033. "each of the data units associated with a respective one of a plurality of timestamps" paragraph 0049.  "In some embodiments, a time-ordering of hierarchically consistent data and/or data structures is determined by timestamps and/or sequence numbers. That is, determining whether write data was written to NVM subsequent to or prior to a corresponding updated map entry is by a comparison of timestamps and/or sequence numbers." paragraph 0426.

Title: Method and apparatus for high assurance processing
Document I.D.: US 20060075236 A1
Reason Included: “When the address presented by the processor for a particular access cycle is within an address range received from the memory access privileged table for a particular context, the processor is allowed to access the memory according to the access cycle. Otherwise, the memory management unit forces the processor to take an exception.”

Title: MICROPROCESSOR WITH DUAL-LEVEL ADDRESS TRANSLATION
Document I.D.: US 20120079164 A1
Reason Included: "[0031] Alternate virtualization solutions add guest-specific registers to the privileged state, which determine which parts of the privileged state may be accessed when in guest mode. Some systems add shadow registers at unused locations, which are used in place of existing privileged registers when in guest mode. In contrast, the invention utilizes a separate privileged context used when executing in guest mode, which can in addition be accessed from a root mode. All privileged registers in the guest context are in the same locations as in the root context. The invention uses existing machine state for exception context, saving on guest-exit interrupts, and new state within the added guest context for exceptions handled within the guest."

Document I.D.: US 20120255015 A1
Reason Included: Generally, this disclosure describes systems and methods for transparently instrumenting a computer process. The systems and methods are configured to allow instrumenting executable code while permitting legacy memory scanning tools to monitor corresponding uninstrumented executable code stored in memory.

Title: Recursive system and method for binding compiled routines
Document I.D.: US 4330822 A
Reason Included: "The binding algorithm employed by the present invention operates upon a segment dictionary which is provided by the compilers for the host program and each program unit to be bound to the host program, which segment dictionary includes segment descriptors that contain the address and length counts of code segments; data descriptors which contain the address and length counts of information, other than code, which information was created by the compiler; and external procedure descriptors which are a subset of the data descriptors and contain the address and length counts of the description of the subprogram routines which are to be bound to the host program." paragraph 13.

Title: Apparatus and method for controlling access to a memory
Document I.D.: US 20040143720 A1
Reason Included: [0047] More particularly, in one embodiment the TLB is a main TLB for storing the new descriptors obtained by the single memory management unit from the table merging code, and the internal storage further comprises a micro-TLB for storing the access control information derived from the new descriptors, the access control information comprising conversions between a number of virtual address portions and corresponding physical address portions, and the access control information being transferred from the main TLB to the micro-TLB prior to use of that access control information by the single memory management unit.



Any inquiry concerning this communication or earlier communications from the examiner should be directed to PAUL M KNIGHT whose telephone number is (571)272-8646.  The examiner can normally be reached on Monday - Friday 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Reginald Bragdon can be reached on 571 272 4204.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


PAUL M. KNIGHT
Examiner
Art Unit 2139


