DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Allowable Subject Matter
Claims 4-6, 13-15 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1, 10, 19 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Acar et al (Pub. No. US 20190102540).

As per claims 1, 10, Acar discloses a method comprising: receiving, in a kernel executing in a kernel mode of execution that differs from a user mode of execution, a request to move a dynamically-generated code sequence from a buffer in memory to a dynamic code execution region in the memory (…see fig.2 element 202: dynamically generated code may be executed within an unprotected memory region/stack…the compiled executable software may include various instructions for execution…the dynamically generated code (element 218) may then be executed by processing circuit (element 202) (return and call instructions may be the only way to transfer control to the first memory region, see par. 12) under control of the kernel (element 210)…see par. 34-36); verifying, in the kernel executing in the kernel mode, that the dynamically-generated code sequence stored in a memory meets one or more criteria for execution in a computer system, wherein the one or more criteria include an absence of a subset of instructions that are not permitted in dynamically-generated code (…at an operating system kernel level, a processor may ascertain whether dynamically generated code has been invoked…as instructions are retrieved and executed from the reserved sandbox memory space, the processor ascertains whether an instruction has been invoked that accesses an address outside the reserved sandbox memory space…if so, then the processor halts/suspends execution of the instructions…see par. 37-38); and based on a successful verification, moving, by the kernel executing in the kernel mode, the dynamically-generated code sequence to the dynamic code execution region (…a processor, at an operating system kernel level, may ascertain whether dynamically generated code has been invoked, if so, then the processor enters into an execution mode that utilizes a reserved sandbox memory space, within unprotected memory, to execute the dynamically generated code…see par. 37).

As per claim 19, Acar discloses a computer system comprising: one or more processors; and a non-transitory computer accessible storage medium storing a plurality of instructions which, when executed on the computer system, implement operations including: receiving, in a kernel executing in a kernel mode of execution that differs from a user mode of execution, a request to move a dynamically-generated code sequence from a buffer in memory to a dynamic code execution region in the memory (…see fig.2 element 202: dynamically generated code may be executed within an unprotected memory region/stack…the compiled executable software may include various instructions for execution…the dynamically generated code (element 218) may then be executed by processing circuit (element 202) under control of the kernel (element 210)…see par. 32, 34-36); verifying, in the kernel executing in the kernel mode, that the dynamically-generated code sequence stored in a memory meets one or more criteria for execution in the computer system, wherein the one or more criteria include an absence of a subset of instructions that are not permitted in dynamically-generated code (…at an operating system kernel level, a processor may ascertain whether dynamically generated code has been invoked…as instructions are retrieved and executed from the reserved sandbox memory space, the processor ascertains whether an instruction has been invoked that accesses an address outside the reserved sandbox memory space…if so, then the processor halts/suspends execution of the instructions…see par. 37-38); and based on a successful verification, moving, by the kernel executing in the kernel mode, the dynamically-generated code sequence to the dynamic code execution region (…a processor, at an operating system kernel level, may ascertain whether dynamically generated code has been invoked, if so, then the processor enters into an execution mode that utilizes a reserved sandbox memory space, within unprotected memory, to execute the dynamically generated code…see par. 37).


As per claims 2, 11, Acar discloses wherein the one or more criteria also ensure that the dynamically-generated code sequence cannot exit the dynamic code execution region except to one or more predefined addresses (see par. 37-38).


As per claims 3, 12, Acar discloses wherein ensuring that the dynamically-generated code sequence cannot exit includes ensuring that branch instructions in the dynamically-generated code sequence have target addresses within the dynamic code execution region or that the target addresses are one of the predefined addresses.


As per claims 7, 16, Acar discloses receiving, in a kernel executing in the kernel mode, another request to move a second dynamically-generated code sequence from the buffer in memory to the dynamic code execution region in the memory; determining, in the kernel executing in the kernel mode, that the second dynamically-generated code sequence stored in the memory does not meet at least one of the one or more criteria for execution in the computer system; and based on determining that the second dynamically-generated code does not meet at least one or more criteria, preventing movement of the second dynamically-generated code sequence to the dynamic code execution region (see par. 37-38).


As per claims 8, 17, Acar discloses receiving, in a kernel executing in the kernel mode, another request to move a second dynamically-generated code sequence from the buffer in memory to the dynamic code execution region in the memory; determining, in the kernel executing in the kernel mode, that the second dynamically-generated code sequence stored in the memory does not meet at least one of the one or more criteria for execution in the computer system; and based on determining that the second dynamically-generated code does not meet at least one or more criteria, rejecting the second dynamically-generated code sequence (see par. 37-38).


As per claims 9, 18, Acar discloses based on an unsuccessful verification, terminating a process that transmitted the request to move the dynamically-generated code sequence to the dynamic code execution region (see par. 38).


As per claim 20, Acar discloses wherein the one or more criteria also ensure that the dynamically-generated code sequence excludes branch instructions that have target addresses outside the dynamic code execution region except to one or more predefined addresses (see par. 37-38).
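
For readers following the claim language, the verify-then-move criteria recited in claims 1-3, 7-8 and 20 can be illustrated with the sketch below. It is an added example, not code from the application or from Acar; the toy fixed-width instruction set, the opcode and structure names, the addresses and the sample sequences are all constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy ISA (assumption): fixed-width instructions with one absolute target. */
enum op { OP_ALU, OP_BRANCH, OP_RET, OP_SYSREG_WRITE /* not permitted */ };
struct insn { uint8_t op; uint64_t target; };
struct region { uint64_t base; size_t len; uint8_t *mem; };
enum verdict { V_OK = 0, V_FORBIDDEN_INSN = -1, V_BAD_TARGET = -2, V_NO_SPACE = -3 };

static int target_allowed(const struct region *r, uint64_t t, const uint64_t *ex, size_t n)
{
    uint64_t off = t - r->base;           /* wraps if t < base; guarded below */
    if (t >= r->base && off < r->len && off % sizeof(struct insn) == 0)
        return 1;                         /* inside the region, on a boundary */
    for (size_t i = 0; i < n; i++)
        if (t == ex[i]) return 1;         /* one of the predefined addresses */
    return 0;
}

/* Assumption: buf is a kernel-private snapshot, so it cannot change after the check. */
enum verdict install_sequence(const struct insn *buf, size_t n, struct region *r,
                              size_t offset, const uint64_t *exits, size_t n_exits)
{
    if (offset > r->len || n > (r->len - offset) / sizeof(struct insn))
        return V_NO_SPACE;
    for (size_t i = 0; i < n; i++) {
        if (buf[i].op >= OP_SYSREG_WRITE)         /* forbidden or unknown opcode */
            return V_FORBIDDEN_INSN;
        if (buf[i].op == OP_BRANCH && !target_allowed(r, buf[i].target, exits, n_exits))
            return V_BAD_TARGET;
    }
    memcpy(r->mem + offset, buf, n * sizeof(struct insn)); /* move only after success */
    return V_OK;
}

/* Constructed sample data: a 16-slot region at 0x1000 and one predefined exit. */
static uint8_t backing[16 * sizeof(struct insn)];
static struct region R = { 0x1000, sizeof backing, backing };
static const uint64_t EXITS[] = { 0x9000 };
static const struct insn GOOD[] = { {OP_ALU, 0}, {OP_BRANCH, 0x1000}, {OP_BRANCH, 0x9000}, {OP_RET, 0} };
static const struct insn BAD_PRIV[] = { {OP_ALU, 0}, {OP_SYSREG_WRITE, 0} };
static const struct insn BAD_JUMP[] = { {OP_BRANCH, 0x5000} };
int main(void)
{
    printf("%d\n", install_sequence(GOOD, 4, &R, 0, EXITS, 1));
    printf("%d\n", install_sequence(BAD_PRIV, 2, &R, 0, EXITS, 1));
    return 0;
}
```

A rejected sequence leaves the region untouched because the copy happens only after every instruction has passed both checks.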





Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-form 892).
The following Patents and Papers are cited to further show the state of the art at the time of Applicant’s invention with respect to data integrity and signature verification.

Zhang et al (Pat. No. US 10810305); “Securing Untrusted Code Using Memory Protection Key and Control Flow Integrity”;
-Teaches memory protection is applied to all code and data memory regions of both untrusted and trusted code…col.7 lines 30-38.



Any inquiry concerning this communication or earlier communications from the examiner should be directed to GHAZAL B SHEHNI whose telephone number is (571)270-7479. The examiner can normally be reached Mon-Fri 9am-5pm PCT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea, can be reached on 5712723951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GHAZAL B SHEHNI/Primary Examiner, Art Unit 2499