Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
This Examiner’s Amendment and Examiner’s Reasons for Allowance action is in response to the filing of 04/11/2022. Claims 1, 3-4, 7, 9-10, 12-18 and 21-24 have been amended, claims 2, 5-6, 8, 11 and 19 have been canceled, and claims 26-28 have been added per applicant’s request. Claims 1, 3-4, 7, 9-10, 12-18 and 20-28 are therefore presently pending in the application and have been considered as follows.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Ted A. Crawford (Reg. No. 50,610) on 07/06/2022.

The application has been amended as follows: 

26. (Currently Amended) One or more non-transitory machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, cause a compute device to: route control plane requests from a plurality of resources of the compute device to one of a trusted physical function or an untrusted physical function that are both serviced by a network interface controller (NIC) coupled with the compute device, wherein control plane requests directed to the trusted physical function are routed via a trusted control path of a control plane and control plane requests directed to untrusted physical functions are routed via an untrusted control path of the control plane, and wherein the control plane is separate from a data plane that is established for access to the trusted physical function or for access to the untrusted physical function.

27. (Currently Amended) The one or more non-transitory machine-readable storage media of claim 26, wherein a physical function is identified as a trusted physical function based on the physical function having direct access to hardware that resides at the NIC.

28. (Currently Amended) The one or more non-transitory machine-readable storage media of claim 26, wherein at least one of the plurality of resources is a virtualized resource, and wherein the virtualized resource comprises one of a virtual machine or a container.


Allowance
Applicant’s amendment to claims 10 and 12-17 has been noted. The claims have been reviewed and entered, and the amendment obviates the previously raised rejection under 35 USC 101, which is hereby withdrawn.

Applicant’s amendment to claims 10 and 18 has been noted. The claims have been reviewed and entered, and the amendment obviates the previously raised claim objection, which is hereby withdrawn.


Applicant’s amendment to claims 1, 10 and 18 has been noted. The claims have been reviewed and entered, and the amendment obviates the previously raised rejection under 35 USC 112, which is hereby withdrawn for claims 1, 3-4, 7, 9-10, 12-18 and 20-25.
 
Claims 1, 3-4, 7, 9-10, 12-18 and 20-28 are allowed.

Examiner’s Statement of Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: although the prior art of record, such as Tsirkin (US 10402576), discloses “A system and method for safe physical function passthrough using virtual machine functions includes sending, by a guest on a virtual machine, an access request for a host device to a virtual machine function on the virtual machine. The method also includes determining, by the virtual machine function, whether the access request is valid responsive to receiving the access request. Responsive to determining that the access request is valid, the virtual machine function sends the access request to a virtual device on the virtual machine. The method further includes preventing, by a hypervisor executing on one or more processors, the guest from accessing the virtual device when not executing the virtual machine function.” (Abstract),

none of the prior art, alone or in combination, teaches

Independent Claim 1: “…receive control plane requests directed to the physical function from the plurality of resources via one of the trusted control path or the untrusted control path based on a trust level associated with the physical function, the trust level used to determine whether the physical function is an untrusted physical function with restricted access to hardware of the NIC; manage, by trusted control path controller circuitry included in the circuitry, control plane requests received via the trusted control path directed to trusted physical functions; and manage, by untrusted control path controller circuitry included in the circuitry, control plane requests received via the untrusted control path directed to untrusted physical functions.”


in view of other limitations of claim 1.

Independent Claims 10, 18 and 26 are allowed for the reasons given above with regard to independent claim 1.

Dependent claims are allowed as they depend from an allowable independent claim.

The closest prior art made of record is:
Tsirkin (US 10402576): A system and method for safe physical function passthrough using virtual machine functions includes sending, by a guest on a virtual machine, an access request for a host device to a virtual machine function on the virtual machine. The method also includes determining, by the virtual machine function, whether the access request is valid responsive to receiving the access request. Responsive to determining that the access request is valid, the virtual machine function sends the access request to a virtual device on the virtual machine. The method further includes preventing, by a hypervisor executing on one or more processors, the guest from accessing the virtual device when not executing the virtual machine function.
Kissell et al. (US 9542350): A method of authenticating shared peripheral component interconnect express devices of a switched fabric includes associating at least one requester identifier with a physical function of a device on the switched fabric and instantiating a virtual function of the device based on the physical function. The virtual function includes the associated at least one requester identifier. The method further includes accepting memory-mapped input/output traffic through the virtual function only from a requester having a corresponding requester identifier matching an associated requester identifier of the virtual function. The method may also include allowing a write operation of the virtual function or the physical function only to an address residing within an allowable address range associated with the device.
Johnson et al. (US 10860357): A multi-tenant environment is described with a configurable hardware logic platform (e.g., a Field Programmable Gate Array (FPGA)) positioned on a host server computer. The configurable hardware logic platform can be programmed with a host logic wrapper portion, which is controlled by a service provider, and a customer portion, which is programmed with logic provided by a tenant of the service provider. While the host logic wrapper portion is reprogrammed, protections are put in place to prevent a virtual machine or the customer logic from violating security built within the host logic wrapper portion. Such protections can be suspending communications between the virtual machine and the customer logic until the host logic wrapper is reprogrammed.
Harland et al. (US 10430225): Disclosed herein are techniques for maintaining a secure execution environment on a server. In one embodiment, the server includes a bus manager circuit. The bus manager circuit comprises a first bus interface configured to be coupled with a first hardware device of the server, and a second bus interface configured to be coupled with a second hardware device of the server. The bus manager further includes a control module. Under a first mode of operation, the control module is configured to receive an access request from the first hardware device to access the second hardware device, and responsive to determining not to grant the access request based on a pre-determined access policy, and block at least some of data bits corresponding to the access request from the second bus interface. The control module may also process the access request in a different manner under other modes of operations.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance”.
Conclusion



Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER C HARRIS whose telephone number is (571)270-7841. The examiner can normally be reached Monday through Friday between 8:00 AM and 4:00 PM CST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson, can be reached on (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHRISTOPHER C HARRIS/
Primary Examiner, Art Unit 2432