Detailed Action
This office action is in response to the application filed January 31, 2022. 
Claims 1-20 are pending.   
This application is a continuation of application 16/203,070, now US Patent 11,237,859 filed November 28, 2018. The claims as pending are examined as entitled to the earlier filing date. 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-5,8-11, 15-18 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1,1,2,3,4,4,8,8,9,10,15,15,16,17 respectively of U.S. Patent No. 11,237,859. Although the claims at issue are not identical, they are not patentably distinct from each other because the pending claim limitation are obvious in view of the patented claims as aligned herein below.




This application
US Patent 11,237,859
1. A method comprising: receiving, by a processing device, a request for a resource, wherein the request is initiated by a guest application; 

determining, by the processing device, whether an initialization of the guest application is completed;


 and responsive to determining that the initialization of the guest application is completed, blocking, by the processing device, at least one system call associated with the request initiated by the guest application to reject execution of the request for the resource.  

2. The method of claim 1, further comprising: receiving a message from the guest application indicating that the initialization of the guest application is completed, wherein determining whether the initialization of the guest application is completed is in view of the received message.  


3. The method of claim 1, wherein blocking the at least one system call associated with the request comprises: stopping a virtual machine executing the guest application.  

4. The method of claim 1, further comprising: responsive to detecting an exit initiated by a virtual machine executing the guest application, transferring execution control of the virtual machine to a guest supervisor.  












5. The method of claim 4, further comprising: configuring a central processing unit (CPU) to facilitate transferring the execution control of the virtual machine to the guest supervisor by configuring a virtual control structure associated with the virtual machine.  




8. A system comprising: a memory; and a processing device operatively coupled to the memory, the processing device to: receive, by a processing device, a request for a resource, wherein the request is initiated by a guest application; 


determine, by the processing device, whether an initialization of the guest application is completed; 




and responsive to determining that the initialization of the guest application is completed, block, by the processing device, at least one system call associated with the request initiated by the guest application to reject execution of the request for the resource.

9. The system of claim 8, wherein the processing device is further to: receive a message from the guest application indicating that the initialization of the guest application is completed, wherein determining whether the initialization of the guest application is completed is in view of the received message.

10. The system of claim 8, wherein to block the at least one system call associated with the request, the processing device is further to: stop a virtual machine executing the guest application.

11. The system of claim 8, wherein the processing device is further to: responsive to detecting an exit initiated by a virtual machine executing the guest application, transfer execution control of the virtual machine to a guest supervisor.





15. A non-transitory machine-readable storage medium including instructions that, when accessed by a processing device, cause the processing device to: receive, by a processing device, a request for a resource, wherein the request is initiated by a guest application; 

determine, by the processing device, whether an initialization of the guest application is completed; 



and responsive to determining that the initialization of the guest application is completed, block, by the processing device, at least one system call associated with the request initiated by the guest application to reject execution of the request for the resource.



16. The non-transitory machine-readable storage medium of claim 15, wherein the processing device is further to: receive a message from the guest application indicating that the initialization of the guest application is completed, wherein determining whether the initialization of the guest application is completed is in view of the received message.

17. The non-transitory machine-readable storage medium of claim 15, wherein to block the at least one system call associated with the request, the processing device is further to: stop a virtual machine executing the guest application.

18. The non-transitory machine-readable storage medium of claim 15, wherein the processing device is further to: responsive to detecting an exit initiated by a virtual machine executing the guest application, transfer execution control of the virtual machine to a guest supervisor.






1. A method comprising: receiving a first request for a first resource, wherein the first request is initiated by an application running on a virtual machine during initialization of the application;

…the message indicating that the initialization of the application is completed and that packet processing by the application is initiated;

and responsive to determining that the second request is initiated by the application running on the virtual machine, blocking, in view of the received message, at least one hypercall initiated by the virtual machine to reject execution of the second request for the second resource.

(cl.1 ) …the message indicating that the initialization of the application is completed and that packet processing by the application is initiated;




2. The method of claim 1, further comprising: stopping the virtual machine in response to receiving the second request.


3. The method of claim 1, wherein blocking the at least one hypercall initiated by the virtual machine comprises: configuring, by the hypervisor, a central processing unit (CPU) to transfer execution control of the virtual machine to a guest supervisor of the virtual machine in response to receiving a request for a first virtual machine exit initiated by the virtual machine.
4. The method of claim 3, wherein configuring, by the hypervisor, the CPU to transfer execution control of the virtual machine to the guest supervisor of the virtual machine in response to receiving the request for the first virtual machine exit initiated by the virtual machine comprises configuring a virtual machine control structure (VMCS) associated with the virtual machine.

4. The method of claim 3, wherein configuring, by the hypervisor, the CPU to transfer execution control of the virtual machine to the guest supervisor of the virtual machine in response to receiving the request for the first virtual machine exit initiated by the virtual machine comprises configuring a virtual machine control structure (VMCS) associated with the virtual machine.


8. A system comprising: a memory; and a processing device operatively coupled to the memory, the processing device to: receive a first request for a first resource, wherein the first request is initiated by an application running on a virtual machine during initialization of the application;

receive a message sent by the application running on the virtual machine, the message indicating that the initialization of the application is completed and that packet processing by the application is initiated;

and responsive to determining that the second request is initiated by the application running on the virtual machine, blocking, in view of the received message, at least one hypercall initiated by the virtual machine to reject execution of the second request for the second resource.

(cl.8) …the message indicating that the initialization of the application is completed and that packet processing by the application is initiated;




9. The system of claim 8, wherein the processing device is further to: stop the virtual machine in response to receiving the second request.


10. The system of claim 8, wherein, to block the at least one hypercall initiated by the virtual machine, the processing device is further to: configure, by the hypervisor, a central processing unit (CPU) to transfer execution control of the virtual machine to a guest supervisor of the virtual machine in response to receiving a request for a first virtual machine exit initiated by the virtual machine.

15. A non-transitory machine-readable storage medium including instructions that, when accessed by a processing device, cause the processing device to: receive a first request for a first resource, wherein the first request is initiated by an application running on a virtual machine during initialization of the application; 
…receive a message sent by the application running on the virtual machine, the message indicating that the initialization of the application is completed… 

receive a second request for a second resource; determine whether the second request is initiated by the application running on the virtual machine; and responsive to determining that the second request is initiated by the application running on the virtual machine, reject, in view of the received message, execution of the second request for the second resource.

(cl. 15) …the message indicating that the initialization of the application is completed and that packet processing by the application is initiated…





16. The non-transitory machine-readable storage medium of claim 15, wherein, to reject execution of the second request, the processing device is further to: stop the virtual machine in response to receiving the second request.

17. The non-transitory machine-readable storage medium of claim 15, wherein, to reject execution of the second request, the processing device is further to: configure, via the hypervisor, a central processing unit (CPU) to transfer execution control of the virtual machine to a guest supervisor of the virtual machine in response to receiving a request for a first virtual machine exit initiated by the virtual machine.












Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 6-10, 13-17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over “Bonzini” (US PG Pub Publication 2016/0224383) in view of “Seetharamaiah” (US PG Pub Publication 2019/0034633) 

Regarding Claim 1, Bonzini teaches: 

1. A method comprising: receiving, by a processing device, a request for a resource, wherein the request is initiated by a guest application; (Bonzini e.g. ¶¶37,46-47 teach receiving requests for memory allocation, including an embodiment where the requests come during a boot up phase)

determining, by the processing device, whether an initialization of the guest application is completed; (Bonzini e.g. ¶¶31 teaches a request message to request execution of a virtual function at runtime, execution of such requests, in the embodiment where allocation and initialization happens in the bootup process, inherently indicates the completion of the boot up process as such a boot up processes would necessarily complete prior to runtime requests of virtual functions may be carried out as described in e.g. ¶¶18-20, 25-26 at runtime of the application within the virtual machine).  

Bonzini does not explicitly teach, but Seetharamaiah teaches:
and responsive to determining that the initialization of the guest application is completed, blocking, by the processing device, at least one system call associated with the request initiated by the guest application to reject execution of the request for the resource.   See e.g. Seetharamaiah ¶¶28,63 teaching denying processing of application hypercalls at runtime of the system based on intercepting and check authorization for the system). [Bonzini inherently teaches the claimed message as described above, which provides an indication that indication the system is at runtime, a period during which Seetharamaiah teaches the hypercall blocking as cited here]
In addition, it would have been obvious to one of ordinary skill in the art prior to the effective filing date of the application to combine the teachings of Bonzini and Seetharamaiah because each is directed to security measures protecting the execution of hypercalls and Seetharamaiah teaches “by using a hypervisor mediated memory access control mechanism to prevent execution of fileless malware instead of or together with using an OS mediated access control mechanism.” (¶9). 

Regarding dependent claims 2,3, 6, and 7, Bonzini and Seetharamaiah teach: 
2. The method of claim 1, further comprising: receiving a message from the guest application indicating that the initialization of the guest application is completed, wherein determining whether the initialization of the guest application is completed is in view of the received message.  (Bonzini e.g. ¶¶31 teaches a request message to request execution of a virtual function at runtime, execution of such requests, in the embodiment where allocation and initialization happens in the bootup process, inherently indicates the completion of the boot up process as such a boot up processes would necessarily complete prior to runtime requests of virtual functions may be carried out as described in e.g. ¶¶18-20, 25-26 at runtime of the application within the virtual machine).  

3. The method of claim 1, wherein blocking the at least one system call associated with the request comprises: stopping a virtual machine executing the guest application.  (See e.g. Bonzini teaches exiting in ¶39 in response to invalid parameters in a virtual machine function call).


6. The method of claim 1, wherein the initialization of the guest application corresponds to at least one of an initiation of execution of the application using an allocated resource or an initiation of packet processing by the guest application.  (Bonzini e.g. ¶¶37,46-47 teach receiving requests for memory resource allocation, including an embodiment where the requests come during a boot up phase)

7. The method of claim 1, further comprising: responsive to determining that the initialization of the guest application is not completed, allocating the resource for the guest application in response to the received request.  (Bonzini e.g. ¶¶37,46-47 teach processing by the hypervisor requests for memory allocation at initialization/bootup, including an embodiment where the requests come during a boot up phase, wherein the memory is allocated therein)

Claims 8-10, 13, and 14 are rejected on the same basis as claims 1-3, 6, and 7 above. 
Claims 15-17, and 20 are rejected on the same basis as claims 1-3, and 6 above. 


Claims 4, 5, 11,12,18, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over “Bonzini” (US PG Pub Publication 2016/0224383) in view of “Seetharamaiah” (US PG Pub Publication 2019/0034633) as applied above and further in view of “Durham” (US PG Publication 2018/0373895). 
Regarding Claim 4 Bonzini et al teach the limitations of claim 1 above, but do not further teach, while Durham teaches: 

4. The method of claim 1, further comprising: responsive to detecting an exit initiated by a virtual machine executing the guest application, transferring execution control of the virtual machine to a guest supervisor.   (See e.g. Durham ¶260 – teaching the VMM and VMMlet on the VM configuring the processor to transfer control to the VMMlet in response to an exit). 
In addition, it would have been obvious to one of ordinary skill in the art prior to the effective filing date of the application to combine the teachings of Bonzini and Seetharamaiah with those of Durham because each is directed to security measures protecting the execution of hypercalls and Durham teaches techniques wherein “The protection provided using the techniques described herein effectively provides the same level of confidentiality and security as the consumer would have running the same workload in a private cloud (on premise)” (¶70). 

Regarding Claim 5, Durham further teaches: 
5. The method of claim 4, further comprising: configuring a central processing unit (CPU) to facilitate transferring the execution control of the virtual machine to the guest supervisor by configuring a virtual control structure associated with the virtual machine.  (See Durham, teaches in ¶¶60,78, as well as Fig. 43 and ¶¶377-378 managing control based on a VMCS by a VMM and VMMlet, including transferring controls in response to a VMExit instruction).  In addition, it would have been obvious to one of ordinary skill in the art prior to the effective filing date of the application to combine the teachings of Bonzini and Seetharamaiah with those of Durham because each is directed to security measures protecting the execution of hypercalls and Durham teaches techniques wherein “The protection provided using the techniques described herein effectively provides the same level of confidentiality and security as the consumer would have running the same workload in a private cloud (on premise)” (¶70). 

Claims 11 and 12 are rejected on the same basis as claims 4 and 5 above. 
Claims 18 and 19 are rejected on the same basis as claims 4 and 5 above. 



Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The Prior Art cited in the attached PTO-892 Form includes additional prior art relevant to applicant’s disclosures related to the management of security of virtual machines including the blocking of hypercalls and management of guest applications.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW J BROPHY whose telephone number is (571)270-1642.  The examiner can normally be reached on Monday-Friday, 9am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Wei Zhen can be reached on 571-272-3708.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






MJB
12/14/2022

/MATTHEW J BROPHY/Primary Examiner, Art Unit 2191