DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The information disclosure statement filed 01/11/2022 fails to comply with 37 CFR 1.97(c) because it lacks the fee set forth in 37 CFR 1.17(p).  (The IDS states that a fee was paid, but no fee appears to actually have been paid and no authorization to charge an account appears to have been filed with the IDS.)  It has been placed in the application file, but the information referred to therein has not been considered.

Allowable Subject Matter
Claims 2-7, 10-15, 18, and 21-22 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims (and if all rejections under all other sections are overcome). 
The following is the listing of the closest prior art:
Hakewill (US 2012/0079164) teaches controlling guest virtual machine access to a context.  (Note that a context reads on the recited “view” of claim 2.)  Hakewill teaches guest physical addresses to (host) physical addresses.  See Hakewill Abstract.  Hakewill also teaches allowing (kernel) privileged code to execute (and by implication does not allow non-privileged code to execute) in a privileged context (e.g. the kernel).  Hakewill does not clearly teach the combination of storing external code in one view and internal code in the other view of the host physical address range and for at least that reason fails to teach the combination of “determining, by a processor of a computer, a page table of a 
Warkentin (US 10,002,084) teaches checking access privilege levels for different memory areas in a virtual machine using page table entries including access permissions in the page table entries.  See Warkentin paragraph 20.  Warkentin does not clearly discuss page tables mapping guest physical and host physical addresses so the reference cannot teach the access rule of claim 2 or render obvious the recited material of claims 1 and 2 of “determining, by a processor of a computer, a page table of a sample process based on a page directory base address of the sample process, wherein the sample 
Steinberg (US 10,447,728) teaches different permissions for different contexts in a system with mapping between guest physical and host physical mappings.  Steinberg does not clearly state that the guest physical and host physical mapping entries indicate a rule that allows/forbids access by internal/external code and therefore cannot teach the recited “determining, by a processor of a computer, a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, the plurality of entries are in a one-to-one 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 9, 17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Warkentin (US 10,002,084) and Steinberg (US 10,447,728, filed 2016).
1. A method, comprising: 
determining, by a processor of a computer, a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, (With respect to claim interpretation, the recited “determining . . . a page table . . . based on a page directory base address” is interpreted as referring to a page table accessed using page addresses (i.e. a page table “determined” based on its entries). Note also that denoting a process as a “sample process” does not require steps to be performed or limit (the process) to a particular structure.  See MPEP §§ 2103 and 2111.04.  Note that all references are to repeated steps (i.e. processes in the prior art run repeatedly).  Warkentin teaches: “Each enabled stage of address translation in a translation scheme uses memory mapped tables referred to as page tables 122. A given address translation requires one or more lookups of page tables 122 (referred to as one or more levels of lookup). A page table walk is the set of lookups required to translate a VA to a PA. Page tables 122 are organized into hierarchies, where each page table hierarchy includes a base table and a plurality of additional tables corresponding to one or more additional levels. For example, the ARM.RTM.v8 architecture specifies up to four levels of page tables referred to as level 0 through level 3 tables.”  Warkentin paragraph 17.  “Kernel 140 provides operating system functionality (e.g., process creation and control, file system, process threads, etc.), as well as CPU scheduling and memory scheduling across guest software in VMs 132, VMMs 144, and user program(s) 142.”  Warkentin paragraph 25.) 
the plurality of entries are in a one-to-one correspondence to a plurality of guest virtual addresses, each entry of the plurality of entries comprises first information, the respective first information of each entry indicates whether the guest virtual address corresponding to the respective entry has been assigned the  guest physical address, and wherein, for each entry in which the first information of the respective entry indicates that the guest virtual address corresponding to the respective entry has been assigned the guest physical address, (The previously cited art does not expressly state that the page tables contain guest virtual to guest physical address page table entries.  
Steinberg teaches: “More generally, the virtualization layer may apply the protection profile to override the permissions configured by the guest operating system kernel in the guest page tables (for the guest-virtual address to guest-physical address translations) with the permissions configured by the virtualization layer in the nested page tables (for the guest-physical address to host-physical address translations) on a per-page and per-process basis.”  Steinberg paragraph 17.
It would have been obvious to one of ordinary skill in the art to combine the teaching of Steinberg because the mappings in the reference avoid the difficulty of programming applications to share address space with other applications (i.e. the mapping allows the use of virtual memory).) the respective entry further comprises second information, the second information indicating an access permission of the corresponding assigned guest physical address; determining, by the processor, a target entry from the page table of the sample process by determining an entry of the plurality of entries for which a value of the first information of the determined entry indicates that the guest virtual address corresponding to the determined entry has been assigned the guest physical address and for which the access permission indicated by the second information of the determined entry is execution allowed; (Steinberg teaches: “More generally, the virtualization layer may apply the protection profile to override the permissions configured by the guest operating system kernel in the guest page tables (for the guest-virtual address to guest-physical address translations) with the permissions configured by the virtualization layer in the nested page tables (for the guest-physical address to host-physical address translations) on a per-page and per-process basis.”  Steinberg paragraph 17.  “Advantageously, the guest process protection technique provides protection at the granularity of memory pages (or sub-pages) for a guest process running in a guest operating system.”  Steinberg paragraph 18. “each translation stage may define access permissions on a page granularity. That is, for each page referenced by a page table, access permissions may be specified as to whether the page is readable (r) writeable (w), or executable (x).” Steinberg column 13 lines 16-21.  
“Moreover, in response to detecting a context switch away from the agent, the nested page table 430 may be marked to render all of the agent code pages completely invisible, i.e., remove read, write and execute permissions in the NPT for those code pages.” Steinberg column 22, lines 21-26.) determining, by the processor, a target guest physical address based on the target entry, wherein the target guest physical address is the guest physical address that has been assigned to the guest virtual address (“The guest operating system kernel 230 may create one or more sets of guest page tables (GPT) 410, wherein there is typically one set of guest page tables per guest process 240 that perform a first translation from a guest virtual (linear) address 415 to a guest-physical address 425. . . . Virtualization provides one or more additional page tables, i.e., nested page tables (NPT) 430, layered underneath (i.e., nested with) the GPT 410. The nested page tables 430 may be utilized to perform a second translation from the guest-physical address 425 to a host-physical address 435, wherein the host-physical address 435 is an address used to access (physical) main memory 220. The translation of guest-physical address 425 to host-physical address 435 may be flexible, i.e., such translation may be implemented on a per page basis to determine how each guest-physical address 425 is translated to a host-physical address 435.”  Steinberg paragraph 43-44.) and monitoring, by the processor, behavior of accessing a memory space indicated by the target host physical address, wherein the memory space is of a memory comprised in the computer. (“It should be noted that either arrangement may provide additional functionality, wherein each translation stage may define access permissions on a page granularity. 
That is, for each page referenced by a page table, access permissions may be specified as to whether the page is readable (r) writeable (w), or executable (x).”  Steinberg paragraph 46.)
9. An apparatus, comprising: a memory, configured to provide memory space; a processor; and a memory controller, configured to control access of the processor to the memory space based on an access request sent by the processor; and wherein the processor is configured to: 
determine a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is a process generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, the (See rejection of claim 1.)
17. A computer chip, comprising: at least one processor, configured to perform the following operations: 
determining a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, the plurality of entries are in one-to-one correspondence to a plurality of guest virtual addresses, each entry of the plurality of entries comprises first information, the first information of each entry indicates (See rejection of claim 1.)
20. A computer-readable storage medium, comprising a computer program, wherein when the computer program runs on a computer device, a processor comprised in the computer device is caused to perform the following operations: 
determining a page table of a sample process based on a page directory base address of the sample process, wherein the sample process is a process generated after a monitored sample program runs, the page table of the sample process comprises a plurality of entries, the plurality of entries are in one-to-one correspondence to a plurality of guest virtual addresses, each entry of the plurality of entries comprises first information, the first information of each entry indicates whether the guest virtual address corresponding to the respective entry has (See rejection of claim 1.)
Claims 8 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Warkentin and Steinberg and Berkley (CS61C Fall 2014)
8. The method according to claim 1, wherein 
each entry of the plurality of entries comprises 64 bits, and wherein, for each entry of the plurality of entries, first information of the respective entry comprises one bit, the first information of the respective entry occupies a 0th bit among the 64 bits, and wherein the respective entry comprises the second information, the second information of the respective entry comprises one bit, and the second information of the respective entry occupies a 63rd bit among the 64 bits.  (Steinberg teaches: “More generally, the virtualization layer may apply the protection profile to override the permissions configured by the guest operating system kernel in the guest page tables (for the guest-virtual address to guest-physical address translations) with the permissions configured by the virtualization layer in the nested page tables (for the guest-physical address to host-physical address translations) on a per-page and per-process basis.”  Steinberg paragraph 17.  “Advantageously, the guest process protection technique provides protection at the granularity of memory pages (or sub-pages) for a guest process running in a guest operating system.”  Steinberg paragraph 18.  “Exemplary CPUs may include families of instruction set architectures based on the x86 CPU from Intel Corporation of Santa Clara, Calif., the x64 CPU from Advanced Micro Devices of Sunnyvale, Calif., and the ARM CPU from ARM Holdings, plc of the United Kingdom.” Steinberg paragraph 23.  “However, additional views of memory may be created for each guest process, such as where every view corresponds to a different (i.e., separate) nested page table. Thus, different guest processes may view the guest-physical memory differently (e.g., with different translations or different permissions to the host-physical memory).”  Steinberg paragraph 30.  “It should be noted that either arrangement may provide additional functionality, wherein each translation stage may define access permissions on a page granularity. 
That is, for each page referenced by a page table, access permissions may be specified as to whether the page is readable (r) writeable (w), or executable (x).”  Steinberg paragraph 46.  “Moreover, in response to detecting a context switch away from the agent, the nested page table 430 may be marked to render all of the agent code pages completely invisible, i.e., remove read, write and execute permissions in the NPT for those code pages. Thus, when inactive on a processor core, the agent's code pages appear "unplugged" from a main memory perspective, i.e., the pages seem to be not resident in memory 220. When the guest operating system switches back to the agent, the code pages may be made to reappear by again altering permissions (now allowing access) for those code pages in the NPT. Note that permissions for the code pages in the GPT, which is subject to attack in the guest mode, need not be altered other than pages used to translate access to the code pages themselves (i.e., pages storing portions of the GPT translating addresses of the code pages).”  Steinberg paragraph 74.  With respect to the “first information” note that all bits in the mapping entry “indicate that a guest virtual address corresponding to the target entry has been assigned a guest physical address”.  With respect to the second information, Steinberg teaches permissions indicating execution allowed for a given address mapping but does not expressly teach that the information is stored on the 63rd bit of the 64 bit addresses taught in the reference.  
Berkley teaches storing access permission bits in page table entries with the physical page number.  See Berkley page 2, first figure.
It would have been obvious to one of ordinary skill in the art before the effective filing date to combine the teaching of Berkley because storing access bits in the page table entry reduces accesses (i.e. the permissions can be read without a separate access whenever the physical address is retrieved).  
The previously cited art does not expressly teach the specific location of the bits used to indicate the second information.  
The specific placement of address bits used to indicate the second (and first) information would have been obvious to one of ordinary skill in the art as a mere rearrangement of parts because the location of the bit does not modify the function of the device. See MPEP § 2144.04.)
16. The apparatus according to claim 9, wherein 
each entry of the plurality of entries comprises 64 bits, and wherein, for each entry of the plurality of entries, first information of the respective entry comprises one bit, the first information of the respective entry occupies a 0th bit among the 64 bits, and wherein the (See rejection of claim 8.)
Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Warkentin and Steinberg and Solomon (Inside Microsoft Windows 2000, Third Edition (Microsoft Programming Series))
19. The computer chip according to claim 17, wherein the at least one processor is further configured to perform the following operations: 
determining a target guest virtual address corresponding to the target guest physical address based on a page table of the sample process; (See rejection of claim 1.) determining a virtual address range to which the target guest virtual address belongs from a virtual address descriptor (VAD); and determining whether the target code is external code or internal code based on a code segment name corresponding to the virtual address range recorded in the VAD.  (The previously cited art does not discuss virtual address descriptors. 
Solomon teaches: “the memory manager waits to create a page table until a thread incurs a page fault, and then it creates a page table for that page. This method significantly improves performance for processes that reserve and/or commit a lot of memory but access it sparsely. With the lazy-evaluation algorithm, allocating even large blocks of memory is a fast operation. This performance gain isn't without its trade-offs, however: when a thread allocates memory, the memory manager must respond with a range of addresses for the thread to use. Because the memory manager doesn't build page tables until the thread actually accesses the memory, it can't look to determine which virtual addresses are free. To solve this problem, the memory manager maintains another set of data structures to keep track of which virtual addresses have been reserved in the process's address space and which have not. These data structures are known as virtual address descriptors (VADs). For each process, the memory manager maintains a set of VADs that describes the status of the process's address space. VADs are structured as a self-balancing binary tree to make lookups efficient. . . . When a process reserves address space or maps a view of a section, the memory manager creates a VAD to store any information supplied by the allocation request, such as the range of addresses being reserved, whether the range will be shared or private, whether a child process can inherit the contents of the range, and the page protection applied to pages in the range. When a thread first accesses an address, the memory manager must create a PTE for the page containing the address. To do so, it finds the VAD whose address range contains the accessed address and uses the information it finds to fill in the PTE. 
If the address falls outside the range covered by the VAD or in a range of addresses that are reserved but not committed, the memory manager knows that the thread didn't allocate the memory before attempting to use it and therefore generates an access violation.”  Solomon page 6. 
It would have been obvious to one of ordinary skill in the art to combine the teaching of Solomon before the effective filing date because this helps with lazy creation of page table entries which avoids unnecessary work.)


Response to Arguments
Applicant's arguments filed 01/11/2022 have been fully considered but they are not persuasive.
Rejections under § 112b:
All rejections under this section are withdrawn based on claim amendments.
Rejections under § 103:
Applicant argues that the art of record fails to teach “determining, by the processor, a target entry from the page table of the sample process by determining an entry of the plurality of entries for which a value of the first information of the determined entry indicates that the guest virtual address corresponding to the determined entry has been assigned the guest physical address and the access permission indicated by the second information of the determined entry is execution allowed” by paraphrasing portions of Steinberg which were not cited as teaching this limitation in the final action. Any deficiency in uncited sections of the reference is immaterial to the teachings of the cited portions of the reference.  Note that the remarks do not assert teaching away or any reason why the secondary reference could not be combined with the primary reference.  Note that the cited portions of Steinberg teach page table entries being marked with access permissions at several granularities including the per process/per page granularity.  See rejection above.  

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to PAUL M KNIGHT whose telephone number is (571)272-8646.  The examiner can normally be reached on Monday - Friday 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Reginald Bragdon can be reached on 571 272 4204.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


PAUL M. KNIGHT
Examiner
Art Unit 2139



/PAUL M KNIGHT/Examiner, Art Unit 2139