Notice of Pre-AIA or AIA Status
DETAILED ACTION

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This office action is in response to application 16/296,306 filed on 3/8/2019.
Claims 1-25 have been examined.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 7/30/2019 and 8/16/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Non-patent literature documents 3 and 4 listed on the information disclosure statement filed 8/16/2021 fail to comply with 37 CFR 1.98(a)(3)(i) because the statement does not include a concise explanation of the relevance, as it is presently understood by the individual designated in 37 CFR 1.56(c) most knowledgeable about the content of the information, of each reference listed that is not in the English language. The statement has been placed in the application file, but the information referred to therein has not been considered.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1-18 are rejected under 35 U.S.C. 103 as being unpatentable over Shanbhogue et al. (US 2019/0042463), Sahita et al. (US 2015/0378930), and Tarasuk-Levin et al. (US 2017/0357592).
With respect to claim 1, Shanbhogue teaches of a method comprising: receiving a secure access request for a secure page of memory at a secure interface control of a computer system (paragraphs 135, 142-145; where the IOMMU (claimed secure interface control) receives and processes the trusted DMA transaction).
Shanbhogue fails to explicitly teach of (1) checking, by the secure interface control, a disable virtual address compare state associated with the secure page; and (2) disabling, by the secure interface control, a virtual address check in accessing the secure page to support mapping of a plurality of virtual addresses to a same absolute address to the secure page based on the disable virtual address compare state being set.
However, Sahita teaches of checking, by the secure interface control, a disable virtual address compare state associated with the secure page (fig. 4; paragraph 45, 51; where a bit field added to the EPT is analyzed to determine if it is required that an RLC check be in place); and 
disabling, by the secure interface control, a virtual address check in accessing the secure page based on the disable virtual address compare state being set (fig. 4; paragraph 45, 51-53; where, when the RLC entry is not required and the RLC was not found (i.e. no check can be performed as there is no entry to check against) and the validity of the GVA to GPA is presumed, the HPA mapping to that GPA is added to the TLB).

However, Tarasuk-Levin teaches of support mapping of a plurality of virtual addresses to a same absolute address to the secure page (fig. 3; paragraph 30; where the PPNs (virtual addresses) of duplicate pages are remapped to the MPN (absolute address) of the shared memory page).
The combination of Shanbhogue, Sahita, and Tarasuk-Levin teaches of disabling, by the secure interface control, a virtual address check in accessing the secure page to support mapping of a plurality of virtual addresses to a same absolute address to the secure page based on the disable virtual address compare state being set (Sahita fig. 4; paragraph 45, 51-53; Tarasuk-Levin fig. 3; paragraph 30; where in the combination the mapping of the addresses of Sahita shares the memory pages by mapping the duplicate pages to the MPN of the shared page as taught in Tarasuk-Levin).
Shanbhogue and Sahita are analogous art because they are from the same field of endeavor, as they are directed to accessing memory.
It would have been obvious to one of ordinary skill in the art having the teachings of Shanbhogue and Sahita before the time of the effective filing of the claimed invention to incorporate the field requiring or not requiring the RLC check into Shanbhogue as taught in Sahita.  Their motivation would have been to provide for more detailed control of validation of the address translation (Sahita paragraphs 1, 43, 51).

It would have been obvious to one of ordinary skill in the art having the teachings of Shanbhogue, Sahita, and Tarasuk-Levin before the time of the effective filing of the claimed invention to incorporate the sharing of secure pages in the combination of Shanbhogue and Sahita as taught in Tarasuk-Levin.  Their motivation would have been to reduce the amount of memory needed (Tarasuk-Levin paragraph 2).
With respect to claim 7, the combination of Shanbhogue, Sahita, and Tarasuk-Levin teaches of the limitations cited and described above with respect to claim 1 for the same reasoning as recited with respect to claim 1.
Shanbhogue also teaches of a system comprising: a memory (fig. 3, guest physical memory 316 & host physical memory 332);
a processing unit (fig. 3, processor 112); and 
a secure interface control (paragraphs 135, 142-145; IOMMU).
With respect to claim 13, the combination of Shanbhogue, Sahita, and Tarasuk-Levin teaches of the limitations cited and described above with respect to claim 1 for the same reasoning as recited with respect to claim 1.
Shanbhogue also teaches of a computer program product comprising a computer readable storage medium, the computer readable storage medium comprising computer executable instructions, which when executed by a secure interface control of a processing unit causes the processing unit to perform the method in claim 1 (paragraphs 86, 129-130, 314-315).
With respect to claims 2, 8, and 14, Shanbhogue teaches of verifying, by the secure interface control, that a secure domain of a plurality of secure domains is authorized to access a shared page based on a domain identifier (paragraph 134, 138-145; where a process address space ID (PASID) is associated with each trust domain (TD) and the PASID directory is indexed by the PASID which provides access to the specific translation page table).
With respect to claims 3, 9, and 15, Shanbhogue teaches of wherein the domain identifier of the secure domain is compared to a plurality of domain identifiers of the secure domains identified as allowing sharing to confirm authorization to access the shared page (paragraph 134, 138-145; where a process address space ID (PASID) is associated with each trust domain (TD) and the PASID directory is indexed by the PASID which provides access to the specific translation page table; in the combination with Tarasuk-Levin the pages are shared as taught in Tarasuk-Levin above).
With respect to claims 4, 10, and 16, the combination of Shanbhogue, Sahita, and Tarasuk-Levin teaches of confirming that a plurality of groups of dynamic-address-translation tables that map virtual addresses to absolute addresses is unchanged by an unsecure host configured to manage one or more of the groups of dynamic-address-translation tables for any of multiple secure domains that have access to the secure page (Sahita, paragraph 45-52; where the expected physical address of the RLC table is compared to the tentative physical address to see if the addresses match.  This can occur repeatedly for multiple addresses thus covering multiple groups of addresses from the translation tables),

terminating the secure access request based on detecting a change in the one or more groups of the dynamic-address-translation tables (Sahita fig. 4; paragraph 51-52; where the check requires the RLC entry check as there is no longer a corresponding RLC entry, it has changed (i.e. been removed) and a VM exit occurs).
The reasons for obviousness are the same as those indicated above with respect to claim 1.
With respect to claims 5, 11, and 17, the combination of Shanbhogue, Sahita, and Tarasuk-Levin teaches of wherein the disable virtual address compare state is stored and updated through a zone-security table comprising a secure domain identifier associated with the secure page (Shanbhogue, paragraph 32, 84; where the SEPT is encrypted using the TD’s private key), 
virtual address mapping data associated with the secure page (Sahita paragraph 16, where the EPT maps the guest physical address (virtual address) to the host physical address), and 
the disable virtual address compare state (Sahita paragraph 51, the bit field added to the EPT (claimed zone-security table)).
The reasons for obviousness are the same as indicated above with respect to claim 1.
With respect to claims 6, 12, and 18, Shanbhogue teaches of wherein the secure interface control comprises firmware, hardware, trusted software or a combination of firmware, 
the secure page is assigned to a secure virtual machine or a secure container managed by a hypervisor or operating system (paragraph 31, 43, 145; where a VMM (hypervisor) establishes the trust domains which are protected VMs and sets up the access control to the TD private pages, thus the VMM assigns the private pages to the TDs).
Claims 19-25 are rejected under 35 U.S.C. 103 as being unpatentable over Shanbhogue, Sahita, and Wingard (US 2012/0117301).
With respect to claim 19, Shanbhogue teaches of a method comprising: receiving a secure access request for a secure page of memory at a secure interface control of a computer system (paragraphs 135, 142-145; where the IOMMU (claimed secure interface control) receives and processes the trusted DMA transaction).
Shanbhogue fails to explicitly teach of (1) checking, by the secure interface control, a disable virtual address compare state associated with the secure page; and (2) enabling absolute address access to the secure page with no virtual address specified based on an authorization status of an entity making the secure access request and the disable virtual address compare state being set.
However, Sahita teaches of checking, by the secure interface control, a disable virtual address compare state associated with the secure page (fig. 4; paragraph 45, 51; where a bit field added to the EPT is analyzed to determine if it is required that an RLC check be in place).
The combination of Shanbhogue and Sahita fails to explicitly teach of enabling absolute address access to the secure page with no virtual address specified based on an authorization 
However, Wingard teaches of enabling absolute address access to the secure page with no virtual address specified based on an authorization status of an entity making the secure access request and the disable virtual address compare state being set (paragraph 103; where the TLB provides dynamic physical address to the target without any virtual address translation for an initiator IP core that embeds its own MMU. In the combination, this would occur when the RLC check of Sahita is not required, as the requestor has its own MMU and the check would not be necessary).
Shanbhogue and Sahita are analogous art because they are from the same field of endeavor, as they are directed to accessing memory.
It would have been obvious to one of ordinary skill in the art having the teachings of Shanbhogue and Sahita before the time of the effective filing of the claimed invention to incorporate the field requiring or not requiring the RLC check into Shanbhogue as taught in Sahita.  Their motivation would have been to provide for more detailed control of validation of the address translation (Sahita paragraphs 1, 43, 51).
Shanbhogue, Sahita, and Wingard are analogous art because they are from the same field of endeavor, as they are directed to accessing memory.
It would have been obvious to one of ordinary skill in the art having the teachings of Shanbhogue, Sahita, and Wingard before the time of the effective filing of the claimed invention to incorporate the dynamic physical address to target capability of Wingard into the 
With respect to claim 23, the combination of Shanbhogue, Sahita, and Wingard teaches of the limitations cited and described above with respect to claim 19 for the same reasoning as recited with respect to claim 19.
Shanbhogue also teaches of a system comprising: a memory (fig. 3, guest physical memory 316 & host physical memory 332); 
a processing unit (fig. 3, processor 112); and 
a secure interface control (paragraphs 135, 142-145; IOMMU).
With respect to claims 20 and 24, Shanbhogue teaches of verifying, by the secure interface control, that a secure domain of a plurality of secure domains is authorized to access a shared page based on a domain identifier (paragraph 134, 138-145; where a process address space ID (PASID) is associated with each trust domain (TD) and the PASID directory is indexed by the PASID which provides access to the specific translation page table).
With respect to claims 21 and 25, Shanbhogue teaches of wherein the domain identifier of the secure domain is compared to a plurality of domain identifiers of the secure domains identified as allowing sharing to confirm authorization to access the shared page (paragraph 134, 138-145; where a process address space ID (PASID) is associated with each trust domain (TD) and the PASID directory is indexed by the PASID which provides access to the specific translation page table; in the combination with Tarasuk-Levin the pages are shared as taught in Tarasuk-Levin above).
With respect to claim 22, Shanbhogue teaches of wherein the secure interface control comprises firmware, hardware, trusted software or a combination of firmware, hardware, and trusted software (fig. 16; paragraph 134, 136; the IOMMU is made up of hardware and firmware) and
the secure page is assigned to a secure virtual machine or a secure container managed by a hypervisor or operating system (paragraph 31, 43, 145; where a VMM (hypervisor) establishes the trust domains which are protected VMs and sets up the access control to the TD private pages, thus the VMM assigns the private pages to the TDs).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Kong et al. (US 2016/0350543) discloses sharing memory between normal world and a secure world.
Mansell et al. (US 2009/0222816) discloses controlling secure memory access by virtual machines.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL C KROFCHECK whose telephone number is (571) 272-8193. The examiner can normally be reached on Monday - Friday 8am - 5pm, first Friday off.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tim Vo can be reached on (571) 272-3642.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Michael Krofcheck/Primary Examiner, Art Unit 2138