DETAILED ACTION
This Office action is in response to the amendment filed 5/24/2022.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Status
Claims 1-3, 5-12, 16-17 and 21-23 are pending.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5 and 8-12, 16-17, 21-23 are rejected under 35 U.S.C. 103 as being anticipated by Shanbhogue et al. (US 2019/0042463 A1) hereinafter Shanbhogue et al. in view of Tsirkin et al. (US 2020/007369 A1) hereinafter Tsirkin et al.
Regarding claim 1, Shanbhogue et al. teaches an apparatus to facilitate security of a shared memory resource, comprising: 
a memory device to store memory data (sever 110 includes a “main memory” 114 and “secondary storage” 118); 
an input/output memory management unit (IOMMU) (“processor” 112 has an “MMU” 140 and “cores” 120) to receive requests from one or more input/output (I/O) devices to access the memory data (when one of the TDs 190A-190C attempts to access a virtual memory address that corresponds to a physical memory address, “MMU” 140 returns the requested data and the core executes the VMM portion of TDRM to translate GPA to HPA to allow the core to read, walk and interpret the mappings, Paragraph [0049]) and validate the translation request to a host physical address (HPA) at trusted host physical address (HPA) permission tables (HPTs) associated with trusted domains (PMH 140 receives “a request to translate a guest physical address (GPA) 166 to a host physical address (HPA) 161” and validates by walking (i.e., using known page address translation techniques) the “SEPT 334” referenced by the SEPTP 336, Paragraph [0087], that is, to support trusted I/Os, an MMU access a first root table “within a trusted device context for trusted transactions” Paragraph [0145]. Note that the SEPT itself contains GPA to HPA mapping information Paragraph [0105]), including determining whether the trusted translation request is associated with a shared memory page or associated with a private memory page (a physical address space is mapped into a private address space and a shared access space, wherein a predetermined bit may be used to indicate shared vs. private status Paragraph [0081]), validating the translation request at secure HPTs upon a determination that trusted translation request is associated with a private memory page (“one or more secure EPTs (SEPTs) 334” are built/managed by the processor hardware and these pages are protected, Paragraph [0083], thus, when the request is associated with a page of private status, the PMH walks the SEPT 334, Paragraph [0087]); and validating the translation request at shared HPTs upon a determination that trusted translation request is associated with a shared memory page (for “non-private (shared)” memory accesses, the processor performs an ordinary page walk using the “untrusted EPT” Paragraph [0035], [0087], thus, when the request is associated with a page of a shared status, the EPT is walked). 
Shanbhogue et al. does not appear to explicitly teach, however, Tsirkin et al. further teaches wherein validating a translation request at a HPT comprises using the HPA to retrieve one or more page access permission entries to validate whether the one or more I/O devices have permission to access the HPA (the hypervisor enables a program executing on the second guest to access contents of the first HPA based on the access permissions of the first HPA. Paragraph [0028]. Note that a virtual IOMMU manages memory access to a system memory from an I/O device which can be hosted on the hypervisor Paragraph [0016]).
The disclosures of Shanbhogue et al. and Tsirkin et al., hereinafter ST, are analogous art to the claimed invention because they are in the same field of memory access management using IOMMUs.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of ST before them, to modify the teachings of Shanbhogue et al. to include the teachings of Tsirkin et al. since both ST teach memory management by an IOMMU using page tables. Therefore it is applying a known technique (retrieving page access permissions to validate whether I/O devices have permission to access the HPA as part of the validating of a translation request Paragraph [0028] of Tsirkin et al.) to a known device (a system having trusted HPT to validate translation requests [0145] of Shanbhogue et al.) ready for improvement to yield predictable results (page access permission entries are retrieved to confirm whether there is permission to access the HPA [0028] of Tsirkin et al), KSR, MPEP 2143.
Regarding claim 2, ST teaches all of the features with respect to claim 1 as outlined above. 
Shanbhogue et al. further teaches wherein the IOMMU determines whether a received request is a trusted translation request or an untrusted translation request (the extended Transaction processing hint contains a trusted indicator, of which “a value of 0 indicates an untrusted transaction and a value of 1 indicates a trusted transaction” Paragraph [0151]).  
Regarding claim 3, ST teaches all of the features with respect to claim 2 as outlined above. 
Shanbhogue et al. teaches the method further comprising wherein the IOMMU values the request as untrusted translation tables having untrusted HPTs upon determining that the request is an untrusted translation request (the IOMMU picks the right root table to start the walk for the translation when a DMA request arrives from a device, and it can either be in a trusted or untrusted context, in which a “second root table” is used for “untrusted context 1605 for untrusted transactions”, Paragraph [0145]).  
Regarding claim 5, ST teaches all of the features with respect to claim 1 as outlined above. 
Shanbhogue et al. further teaches wherein the IOMMU sets a first bit value upon a determination that an address corresponding to the trusted translation request is associated with a shared memory page (a GPA with a “Shared” bit set of 1 indicates a “shared page” Paragraph [0087]) and sets a second bit value upon a determination that the address corresponding to the trusted translation request is associated with a private memory page (a GPA with a “Shared” bit set of 0 indicates a “private page” Paragraph [0087]).  
Regarding claim 8, ST teaches all of the features with respect to claim 2 as outlined above. 
Shanbhogue et al. further teaches wherein each entry in the trusted HPTs comprises a bit value to indicate whether a memory page comprises a shared memory page or a private memory page (the most significant bit of the GPA is a “Shared” bit that either has a value of 1 or 0 to indicate a shared or private status, Paragraph [0081-0082]. Note that the page tables map a GVA to a GPA to an HPA, thus, GPA information resides within the entries of the page tables itself, Paragraph [0079]).  
Regarding claim 9, ST teaches all of the features with respect to claim 8 as outlined above. 
Shanbhogue et al. further teaches wherein the IOMMU determines whether an I/O device associated with the trusted translation request may access the memory page based on the bit value (Fault handling/reporting changes would include if any EPT violations are observed when that SEPTP 336 is used (for “Shared bit” = 0 GPAs), an EPT violation exit qualification reports that the TD Exit occurred due to an EPT violation in the SEPT 336 and will prevent the TD from executing further if an EPT violation occurs from SEPT 336 Paragraph [0087]).  
Regarding claim 10, ST teaches all of the features with respect to claim 9 as outlined above. 
Shanbhogue et al. teaches the method further comprising a memory controller, wherein the IOMMU stores the bit value in the memory controller upon a determination the I/O device may access the memory page (when the processor verifies GPA does not have the “Shared” bit set, it uses the TD Key ID to perform a series of MOVDIR64 operations to clear the SEPT page directory which effectively updates the integrity check value in the memory controller, Paragraph [0105]. Note that memory controller units are integrated into the processing devices themselves Paragraph [0114]).  
Claims 11 and 16 are rejected under 35 USC 103 for the same reasons as claim 1, as outlined above.
Claims 12 and 17 are rejected under 35 USC 103 for the same reasons as outlined above in claim 2.
Regarding claim 21, ST teaches all of the features with respect to claim 1 as outlined above. 
Shanbhogue et al. further teaches wherein the secure HPTs are encrypted with a key associated with the virtual machine (memory belonging to a TD can be encrypted using the TD’s unique encryption key Paragraph [0076], and the TD can use a single encryption key for the entire TD use additional encryption keys for different tenant VMs Paragraph [0077]).
Claims 22 and 23 are rejected under 35 USC 103 for the same reasons as outlined above in claim 21.


Claims 6-7 is/are rejected under 35 U.S.C. 103 as being unpatentable over ST in further view of Borruso et al. (US 5,621,912) in view of Borruso et al. 
Regarding claim 6, ST teaches all of the features with respect to claim 5 as outlined above. 
ST does not appear to teach, however, Borruso et al. further teaches wherein the an input/output memory management unit (IOMMU) transmits the bit value to an I/O device (VM issues a “Store Host” command though CP to enable a “public bit” and “shared bit” in the ASC block to describe the system execution space of the host, See Table 3, Column 12, Lines 31-38).
The disclosures of ST. and Borruso et al., hereinafter SB, are analogous art to the claimed invention because they are in the same field of memory access management using IOMMUs and/or setting shared/private indicators in an address space.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of STB before them, to modify the teachings of ST to include the teachings of Borruso et al. since both SB teach setting private/shared indicators in address spaces. Therefore it is applying a known technique (transmitting a bit value to the I/O device of Borruso et al. see Table 3, Column 12, Lines 31-38) to a known device (a system having trusted HPT to validate translation requests [0145] of Shanbhogue et al.) ready for improvement to yield predictable results (a shared/public bit of the host is set Column 12, Lines 31-38 of Borruso et al.), KSR, MPEP 2143.
Regarding claim 7, STB teaches all of the features with respect to claim 6 as outlined above. 
Shanbhogue et al. further teaches wherein the an input/output memory management unit (IOMMU) receives a second trusted translation request from the I/O device including the bit value and performs a walk of the shared HPTs or private HPTs based on the bit value (PMH receives a request to translate a GPA to a HPA. When the PMH is requested to translate a GPA with the Shared bit set to 0 (i.e., a private page), the PMH walks the SEPT 334, and when it is requested to translate a GPA with the Shared bit set to 1 (i.e., a shared page), the PMH walks the EPT 322, Paragraph [0087]).  
Response to Arguments
Applicant’s arguments, see pages 7-8 of Remarks, with respect to the rejection(s) of claim(s) 1 under Shanbhogue have been fully considered and are persuasive. Specifically, Applicant argues that Shanbhogue does not disclose a process of validating translation requests includes using the HPA to retrieve one or more page access permission entries to validate whether the one or more I/O devices have permission to access the HPA. Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Tsirkin et al. which discloses that an IOMMU hosted on the hypervisor uses page access permissions of the HPA to manage access to the HPA. The same teachings applies to independent claims 11 and 16.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JANE W BENNER whose telephone number is (571)270-0067. The examiner can normally be reached Mon - Thurs (8 AM - 5 PM).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, REGINALD BRAGDON can be reached on (571) 272-4204. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

JANE W. BENNER
Primary Examiner
Art Unit 2131



/JANE W BENNER/Primary Examiner, Art Unit 2139