DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are presented for examination.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
The term “devices” in claim 1 (line 5), claim 8 (line 12), and claim 15 (line 5), is indefinite because it is unclear whether the devices refer to physical/hardware device, virtual device, or both.  Since the scope of the claims cannot be ascertained, these claims are found to be indefinite.  Claims 2-7, 9-14, and 16-20 are also indefinite for being dependent on rejected claims and failing to cure their deficiencies.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 5-8, 13-15, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over He et al. (hereinafter He) (US 2018/0276024 A1) in view of Tsirkin et al. (hereinafter Tsirkin) (US 2017/0337073 A1).

As to claim 1, He teaches a method comprising: 
identifying (identified as part of its “device discovery” and “hot-plugged” hardware and software implementation), by a processing device (Processor(s) 102) executing a hypervisor (hypervisor 512 or VMM), a memory address associated with a device slot (PCI devices can be searched by the slot address on the busses; Component that includes a slot identifier that identifies whether or not there is a physical slot associated with the component by using “slot present” status in a register) of a communication bus (PCI bus communications, for example, between modules and components) (Title: Abstract; Fig. 1 and 10; [0084]-[0085]; [0179]); 
determining that the device slot of the communication bus (PCI bus) is not associated with any of one or more devices (component that includes a slot identifier that identifies whether or not there is a physical slot associated with the component by using “slot present” status in a register) (claim 17; [0084]-[0085]; [0179]); 
Tsirkin teaches the following limitations that He does not teach:

generating a memory page for the memory address, wherein the memory page comprises a value that indicates that the memory address is not associated with any of the one or more devices (Abstract; [0010]-[0011]; [0032]); 
mapping, in a page table, a page table entry for the memory page to the memory address, wherein the page table entry indicates that the memory page is read only for a guest operating system (OS) of a virtual machine (VM) (Abstract; Fig. 5; [0014]-[0015]; [0021]; [0063]); and 
causing, by the processing device, the memory page to be provided to the guest OS of the VM responsive to detecting a read access of the memory address by the guest OS (Abstract; Fig. 5; [0030]-[0031]; [0063]).
It would have been obvious to one of ordinary skill in the art before the effective date of the application to combine the teachings of He and Tsirkin to obtain the broadest reasonable interpretation of the claim.  The suggestion/motivation for doing so would have been to provide the predicted result of being able to configure virtual devices that include a PCI EA capability, such that the guests of the virtual machines may access the host devices via the virtual devices without triggering VM exits, which is beneficial because performing a VM exit consumes processing resources and increases overhead (Tsirkin – [0012]-[0013]; [0015]).


As to claim 5, Tsirkin teaches wherein read access of the memory address by the guest OS is detected without causing a VM exit ([0015]).

As to claim 6, He ([0016]; [0029]; [0065]; [0085]) and Tsirkin (Abstract; Fig. 5; [0014]-[0015]; [0021]; [0063]) teaches further comprising: identifying a second memory address associated with a second device slot of the communication bus; determining that the second device slot of the communication bus is not associated with any of the one or more devices; mapping, in the page table, a second page table entry for the memory page to the second memory address, wherein the second page table entry indicates that the memory page is read only; and causing the memory page to be provided to the guest OS of the VM responsive to detecting a second read access of the second memory address by the guest OS.

As to claim 7, He ([0016]; [0029]; [0065]; [0085]) and Tsirkin (Abstract; Fig. 5; [0014]-[0015]; [0021]; [0063]) teaches further comprising: mapping, in the page table, a second page table entry for the memory page to the memory address, wherein the second page table entry indicates that the memory page is read only for a second guest OS of a second VM; and causing the memory page to be provided to the second guest OS of the second VM responsive to detecting a second read access of the memory address by the second guest OS.

As to claim 8, He teaches a system comprising: 
a memory (system memory 104) (Fig. 1); and 
a processing device (Processor(s) 102, operatively coupled to the memory (system memory 104) (Fig. 1), to execute a hypervisor (hypervisor 112) (Title: Abstract; Fig. 1 and 10; [0084]-[0085]; [0179]) to: 
identify a plurality of memory addresses (identified as part of its device discovery and “hot-plugged” hardware and software implementation), wherein each memory address of the plurality of memory addresses is associated with a corresponding unassigned device slot  (PCI devices can be searched by the slot address on the busses; Component that includes a slot identifier that identifies whether or not there is a physical slot associated with the component by using “slot present” status in a register) of a communication bus (PCI bus communications, for example, between modules and components) (Title: Abstract; Fig. 1; [0084]-[0085]; [0179]); 
detect that a portion of the memory addresses is associated with a range of contiguous memory space (assigned to address ranges) associated with a guest operating system (OS) of a virtual machine (VM) ([0045]; [0094]; [0179]; [0184]; [0193]-[0198]); 
Tsirkin teaches the following limitations that He does not teach:
generate a memory page for the portion of the memory addresses, wherein the memory page comprises a value that indicates that the portion of the memory addresses is not associated with any of one or more devices (Abstract; [0010]-[0011]; [0032]); 
map, in a page table, a page table entry for the memory page to the range of contiguous memory space, wherein the page table entry indicates that the memory page is read only for the guest OS of the VM (Abstract; Fig. 5; [0014]-[0015]; [0021]; [0063]); and 
cause the memory page to be provided to the guest OS of the VM responsive to detecting a read access of the range of contiguous memory space by the guest OS (Abstract; Fig. 5; [0030]-[0031]; [0063]).
It would have been obvious to one of ordinary skill in the art before the effective date of the application to combine the teachings of He and Tsirkin to obtain the broadest reasonable interpretation of the claim.  The suggestion/motivation for doing so would have been to provide the predicted result of being able to configure virtual devices that include a PCI EA capability, such that the guests of the virtual machines may access the host devices via the virtual devices without triggering VM exits, which is beneficial because performing a VM exit consumes processing resources and increases overhead (Tsirkin – [0012]-[0013]; [0015]).

As to claim 13, it is rejected for the same reasons as stated in the rejection of claim 6.

As to claim 14, it is rejected for the same reasons as stated in the rejection of claim 7.

As to claim 15, it is rejected for the same reasons as stated in the rejection of claim 1.

As to claim 19, it is rejected for the same reasons as stated in the rejection of claim 6.

As to claim 20, it is rejected for the same reasons as stated in the rejection of claim 7.


Claims 2-4, 9-12, and 16-18 are rejected under 35 U.S.C. 103 as being unpatentable over He in view of Tsirkin, and further in view of Lukacs et al. (hereinafter Lukacs) (US 9,596,261 B1).

As to claim 2, He in view of Tsirkin does not teach further comprising: receiving a notification from the guest OS, wherein the notification indicates a write access to the memory address by the guest OS.  However, Lukacs teaches receiving a notification from a VM/guest, wherein the notification indicates whether a write access to the memory address by the guest OS has a security threat or not, for example (Abstract; col. 2, line 36 through col. 3, line 50; col. 18, lines 13-38).  It would have been obvious to one of ordinary skill in the art before the effective date of the application to include the feature of receiving a notification from the guest OS, wherein the notification indicates a write access to the memory address by the guest OS, as taught and suggested in Lukacs, to the existing invention of He in view of Tsirkin.  The suggestion/motivation for doing so would have been to provide the predicted result of being able to protect the computer system from malicious software through early detection and notification of a security threat (Lukacs – Abstract; col. 1, lines 19-62).   

As to claim 3, He teaches further comprising: responsive to receiving the notification from the guest OS, performing at least one of terminating execution of the VM, or sending a response to the guest OS that indicates an error condition (delete, reboot or reset due to critical failure or crash of VM) ([0055]; [0121]; [0124]; [0126])).

As to claim 4, Lukacs teaches further comprising: responsive to receiving the notification from the guest OS, sending a second notification to a management console that indicates an unauthorized access of the memory address by the guest OS (notification from a trigger event of a security threat) (Abstract; col. 2, line 36 through col. 3, line 50; col. 18, lines 13-38).

As to claim 9, it is rejected for the same reasons as stated in the rejection of claim 2.

As to claim 10, it is rejected for the same reasons as stated in the rejection of claim 3.

As to claim 11, it is rejected for the same reasons as stated in the rejection of claim 4.

As to claim 12, it is rejected for the same reasons as stated in the rejection of claim 5.

As to claim 16, it is rejected for the same reasons as stated in the rejection of claim 2.

As to claim 17, it is rejected for the same reasons as stated in the rejection of claim 3.

As to claim 18, it is rejected for the same reasons as stated in the rejection of claim 3.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Zhang et al. (IEEE, 2014) teaches enabling trusted data-intensive execution in cloud computing.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KENNETH TANG whose telephone number is (571)272-3772. The examiner can normally be reached Monday-Friday 7AM-3PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lewis Bullock can be reached on 571-272-3759. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KENNETH TANG/Primary Examiner, Art Unit 2199