DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on October 20, 2025 has been entered.
Response to Amendment
The amendment filed on October 20, 2025 has been entered.
Claims 1 and 18 have been amended.
Claims 12-13 have been canceled.
Response to Arguments
Applicant's arguments filed on October 20, 2025, have been fully considered, but they are moot in view of the new grounds of rejection.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-5, 7, 9-10, 15, 18-20, 22, and 24 are rejected under 35 U.S.C. 103 as being unpatentable over Hopkins (Pub. No. US 2017/0126742), hereinafter Hopkins, in view of Kumar et al. (Pub. No. US 2020/0117624), hereinafter Kumar; in further view of Avanzi et al. (Pub. No. US 2017/0010982), hereinafter Avanzi.
Claim 1. Hopkins discloses an apparatus comprising:
a processor having a plurality of processor cores, wherein a logic processor, to be assigned to one of the plurality of processor cores, is to execute one or more operations for at least one of a plurality of logical realms (See Parag. [0131]); and
the plurality of logical realms to include a security monitor realm (See Parag. [0076]; security configuration object 700 includes three realm objects (plurality of logical realms): Realm A 750, Default Realm 702 and Realm B 760... The default realm (security monitor realm) can also be referred to as the “admin realm”, because it is used to perform authorization checks for system and administrative resources, and for other administrative purposes),
wherein the security monitor realm includes security monitor logic to maintain a Realm Identifier (RID) for each of the plurality of logical realms, the security monitor logic to control access to each of the plurality of realms based at least in part on the RID for each of the plurality of logical realms (See Parag. [0081]; a realm name is always specified when requesting a realm service. The realm name specified may identify a particular realm or the default realm. A realm name parameter is a string value that identifies the realm (realm identifier) for which the service is requested. The correct realm to use, for most service invocations, depends on the caller's partition context, the service and method being invoked, and the parameters of the call. Where the default realm is specified logic is applied to select the correct realm by “service proxies” that evaluate the context of each call, determine the correct realm to delegate to, and invoke the appropriate service in that realm).
Hopkins doesn’t explicitly disclose wherein an interrupt handler realm is to route an external interrupt to a corresponding destination realm from the plurality of logical realms based, at least in part, on the RID stored in an Interrupt Remapping Table (IRT) by the security monitor realm.
However, Kumar discloses wherein an interrupt handler realm is to route an external interrupt to a corresponding destination realm from the plurality of logical realms based, at least in part, on the RID stored in an Interrupt Remapping Table (IRT) by the security monitor realm (See Parag. [0022-0023]; I/O devices may generate an interrupt message comprising the device's assigned ASID. This interrupt message may be sent by the device to the VM via an input/output (I/O) memory management unit (IOMMU) of the system… the interrupt messages sent by the I/O device contain an interrupt handle (e.g., an identifier comprising a number of bits). The IOMMU of the system uses that handle to identify an entry in an interrupt remapping table (IRT). The IRT stores data for remapping interrupts signaled by the I/O device. See Parag. [0041]; VMM 130 allocates and manages the interrupt handle, the IOMMU 150 implements “ASID based filtering” logic 185 via interrupt manager 180 to ensure only valid guest handles are used by the AIs 175 to interrupt the VMs 140,141. The I/O device 160 sends the interrupt message 190 to the IOMMU on behalf of its AI 175. The interrupt message data comprises a ASID 192 of the AI 175 and an interrupt handle 194. Further, an IRT 186 of IOMMU 150 is extended so that each IRTE 184 includes a ASID field 182. The ASID in the IRTE 184 is setup by the VMM 130 to an AI's ASID when it allocates an interrupt handle for the VM and sets up the corresponding IRTE to interrupt the VM on behalf of AI 175. The VM sends the interrupt handle to the AI 175 using a command payload and the I/O device 160 sends the interrupt message 190 to the IOMMU to notify the VM about command completion. The interrupt manager 180 of the IOMMU extracts the interrupt handle 194 from the interrupt message data and uses it to index the IRT 186 to identify a pointer to an IRTE 184. In some embodiments, the interrupt manager 180 extracts a ASID 182 from an IRTE 184 of the IRT 186. If the ASID 192 in the interrupt message data matches the ASID 182 in the IRTE 184, the interrupt manager uses the IRTE 184 to identify an Interrupt Posting structure and send a Posted interrupt to the VM).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to include an interrupt handler realm to route one or more interrupts to their correct destination realm, as taught by Kumar. This would be convenient to prevents one VM from sending spurious interrupts to other VMs (Kumar, Parag. [0041]).
Hopkins doesn’t explicitly disclose a register to store a current RID corresponding to an execution context of the logical processor wherein the current RID is only modifiable by the security monitor logic.
However, Avanzi discloses a register to store a current RID corresponding to an execution context of the logical processor wherein the current RID is only modifiable by the security monitor logic (See Parag. [0038-0039]; the realm manager 308 of the software protection device 302 may generate one or more realms (e.g., the realm 316) in the memory device 304… The realm manager 308 may store the RID and the corresponding EEK in the key store 310 through the exclusive interface 324. The RID may be disclosed to entities outside of the software protection device 302, while the EEK may not be known to any entity outside of the software protection device 302. The RID, the EEK, and their association may be modified within the software protection device 302 and may not be modified by any entity external to the software protection device 302).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to include a register to store a current RID wherein the current RID is only modifiable by the security monitor logic, as taught by Avanzi. This would be convenient to maintain the security of the software stored in the realm (Avanzi, Parag. [0026]).
Claim 2. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Kumar further discloses where the plurality of logical realms comprises the interrupt handler realm from the plurality of logical realms to route a plurality of interrupts to their correct destination realm (See Parag. [0022-0023]; I/O devices may generate an interrupt message comprising the device's assigned ASID. This interrupt message may be sent by the device to the VM via an input/output (I/O) memory management unit (IOMMU) of the system… the interrupt messages sent by the I/O device (on behalf of the AI) contain an interrupt handle (e.g., an identifier comprising a number of bits). The IOMMU of the system uses that handle to identify an entry in an interrupt remapping table (IRT). The IRT stores data for remapping interrupts signaled by the I/O device. See Parag. [0041]; VMM 130 allocates and manages the interrupt handle, the IOMMU 150 implements “ASID based filtering” logic 185 via interrupt manager 180 to ensure only valid guest handles are used by the AIs 175 to interrupt the VMs 140,141. The I/O device 160 sends the interrupt message 190 to the IOMMU on behalf of its AI 175. The interrupt message data comprises a ASID 192 of the AI 175 and an interrupt handle 194. Further, an IRT 186 of IOMMU 150 is extended so that each IRTE 184 includes a ASID field 182. The ASID in the IRTE 184 is setup by the VMM 130 to an AI's ASID when it allocates an interrupt handle for the VM and sets up the corresponding IRTE to interrupt the VM on behalf of AI 175. The VM sends the interrupt handle to the AI 175 using a command payload and the I/O device 160 sends the interrupt message 190 to the IOMMU to notify the VM about command completion. The interrupt manager 180 of the IOMMU extracts the interrupt handle 194 from the interrupt message data and uses it to index the IRT 186 to identify a pointer to an IRTE 184. In some embodiments, the interrupt manager 180 extracts a ASID 182 from an IRTE 184 of the IRT 186. If the ASID 192 in the interrupt message data matches the ASID 182 in the IRTE 184, the interrupt manager uses the IRTE 184 to identify an Interrupt Posting structure and send a Posted interrupt to the VM).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to include an interrupt handler realm to route one or more interrupts to their correct destination realm, as taught by Kumar. This would be convenient to prevents one VM from sending spurious interrupts to other VMs (Kumar, Parag. [0041]).
Claim 3. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 2,
Kumar further discloses wherein the plurality of interrupts comprises the external interrupt and at least one of : a local interrupt or an inter-processor interrupt (See Parag. [0022]; the device may generate interrupts to be delivered to the VM to which AIs of the device are assigned. For example, the I/O devices may generate an interrupt message comprising the device's assigned ASID. This interrupt message may be sent by the device to the VM via an input/output (I/O) memory management unit (IOMMU) of the system. See Parag. [0024]; the VMM may also allocate MSI-X entries and program interrupt messages to the entries without going through the host PCI bus driver).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, an external interrupt, a local interrupt, or an inter-processor interrupt, as taught by Kumar. This would be convenient to prevents one VM from sending spurious interrupts to other VMs (Kumar, Parag. [0041]).
Claim 4. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Hopkins further discloses the apparatus further comprising a memory to store data in a plurality of partitions, wherein each of the plurality of partitions is accessible by a single one of the plurality logical realms (See Parag. [0018]; access control for partition and global resources such that applications deployed to a particular partition are accessible only to users of the particular partition. See Parag. [0078]; Every partition can reference a different realm, all partitions can share the same realm, or some partitions can reference different realms while others share a realm. Any combination is possible. Configuring a separate realm for each partition provides the most independence and isolation for the partition).
Claim 5. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Hopkins further discloses wherein the RID is assigned at a memory page size granularity (See Parag. [0081]; A realm name parameter is a string value that identifies the realm for which the service is requested. The correct realm to use, for most service invocations, depends on the caller's partition context).
Claim 7. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Hopkins further discloses wherein the security monitor logic is to control any communication between the plurality of logical realms (See Parag. [0081]; the default realm is specified logic is applied to select the correct realm by “service proxies” that evaluate the context of each call, determine the correct realm to delegate to, and invoke the appropriate service in that realm).
Claim 9. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Kumar further discloses wherein each memory transaction includes a request RID, wherein an Input-Output Memory Management Unit (IOMMU) is to resolve the request RID during processing of a corresponding memory transaction (See Parag. [0022-0023]; I/O devices may generate an interrupt message comprising the device's assigned ASID. This interrupt message may be sent by the device to the VM via an input/output (I/O) memory management unit (IOMMU) of the system. The interrupt messages sent by the I/O device (on behalf of the AI) contain an interrupt handle (e.g., an identifier comprising a number of bits). The IOMMU of the system uses that handle to identify an entry in an interrupt remapping table (IRT). The IRT stores data for remapping interrupts signaled by the I/O device. Each entry in the IRT is referred to as an interrupt remapping table entry (IRTE). In that regard, the IOMMU uses the handle as an index to remap interrupt message from the I/O device into a specific IRTE that comprises an interrupt for the VMs).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to include Input-Output Memory Management Unit, as taught by Kumar. This would be convenient to translate virtual addresses accessed by the I/O devices 160 into physical memory addresses corresponding to the VMs (Kumar, Parag. [0033]).
Claim 10. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Hopkins further discloses where the plurality of logical realms comprises an operating system, a bare-metal operating system, or an application realm to provide dedicated hardware resources (See Parag. [0129]; containers interact with security services through proxy services that direct requests to the correct realm at runtime. In the case of the Authorization Manager and the Role Manager, the proxy will select the correct realm using logic that takes the resource type and ownership into account. For resources owned by the current partition—e.g., application resources—the “local” realm will be used. For system resources—e.g.—the default/global realm will be used. It will then determine whether to call the authorization/role mapping service for the local partition's realm or for the default/global realm depending on the resource type).
Claim 15. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Hopkins further discloses wherein one or more of the plurality of logical realms comprise their own coherence domain (See Parag. [0077]; Each Partition security configuration has a Realm attribute that references one of the Realms configured on the Security Configuration object of the Domain Configuration).
Claim 18. Hopkins discloses one or more non-transitory computer-readable media comprising one or more instructions that when executed on a processor configure the processor to perform one or more operations (See Parag. [0131]) to cause:
a logic processor, to be assigned to one of a plurality of processor cores of the processor, to execute one or more operations for at least one of a plurality of logical realms, the plurality of logical realms to include a security monitor realm (See Parag. [0076]; security configuration object 700 includes three realm objects (plurality of logical realms): Realm A 750, Default Realm 702 and Realm B 760... The default realm (security monitor realm) can also be referred to as the “admin realm”, because it is used to perform authorization checks for system and administrative resources, and for other administrative purposes),
security monitor logic of the security monitor realm to maintain a Realm Identifier (RID) for each of the plurality of logical realms, the security monitor logic to control access to each of the plurality of realms based at least in part on the RID for each of the plurality of logical realms (See Parag. [0081]; a realm name is always specified when requesting a realm service. The realm name specified may identify a particular realm or the default realm. A realm name parameter is a string value that identifies the realm (realm identifier) for which the service is requested. The correct realm to use, for most service invocations, depends on the caller's partition context, the service and method being invoked, and the parameters of the call. Where the default realm is specified logic is applied to select the correct realm by “service proxies” that evaluate the context of each call, determine the correct realm to delegate to, and invoke the appropriate service in that realm).
Hopkins doesn’t explicitly disclose wherein an interrupt handler realm is to route an external interrupt to a corresponding destination realm from the plurality of logical realms based, at least in part, on the RID stored in an Interrupt Remapping Table (IRT) by the security monitor realm.
However, Kumar discloses wherein an interrupt handler realm is to route an external interrupt to a corresponding destination realm from the plurality of logical realms based, at least in part, on the RID stored in an Interrupt Remapping Table (IRT) by the security monitor realm (See Parag. [0022-0023]; I/O devices may generate an interrupt message comprising the device's assigned ASID. This interrupt message may be sent by the device to the VM via an input/output (I/O) memory management unit (IOMMU) of the system… the interrupt messages sent by the I/O device contain an interrupt handle (e.g., an identifier comprising a number of bits). The IOMMU of the system uses that handle to identify an entry in an interrupt remapping table (IRT). The IRT stores data for remapping interrupts signaled by the I/O device. See Parag. [0041]; VMM 130 allocates and manages the interrupt handle, the IOMMU 150 implements “ASID based filtering” logic 185 via interrupt manager 180 to ensure only valid guest handles are used by the AIs 175 to interrupt the VMs 140,141. The I/O device 160 sends the interrupt message 190 to the IOMMU on behalf of its AI 175. The interrupt message data comprises a ASID 192 of the AI 175 and an interrupt handle 194. Further, an IRT 186 of IOMMU 150 is extended so that each IRTE 184 includes a ASID field 182. The ASID in the IRTE 184 is setup by the VMM 130 to an AI's ASID when it allocates an interrupt handle for the VM and sets up the corresponding IRTE to interrupt the VM on behalf of AI 175. The VM sends the interrupt handle to the AI 175 using a command payload and the I/O device 160 sends the interrupt message 190 to the IOMMU to notify the VM about command completion. The interrupt manager 180 of the IOMMU extracts the interrupt handle 194 from the interrupt message data and uses it to index the IRT 186 to identify a pointer to an IRTE 184. In some embodiments, the interrupt manager 180 extracts a ASID 182 from an IRTE 184 of the IRT 186. If the ASID 192 in the interrupt message data matches the ASID 182 in the IRTE 184, the interrupt manager uses the IRTE 184 to identify an Interrupt Posting structure and send a Posted interrupt to the VM).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to include an interrupt handler realm to route one or more interrupts to their correct destination realm, as taught by Kumar. This would be convenient to prevents one VM from sending spurious interrupts to other VMs (Kumar, Parag. [0041]).
Hopkins doesn’t explicitly disclose wherein the security monitor logic is further to maintain a register to store a current RID corresponding to an execution context of the logical processor wherein the current RID is only modifiable by the security monitor logic.
However, Avanzi discloses wherein the security monitor logic is further to maintain a register to store a current RID corresponding to an execution context of the logical processor wherein the current RID is only modifiable by the security monitor logic (See Parag. [0038-0039]; the realm manager 308 of the software protection device 302 may generate one or more realms (e.g., the realm 316) in the memory device 304… The realm manager 308 may store the RID and the corresponding EEK in the key store 310 through the exclusive interface 324. The RID may be disclosed to entities outside of the software protection device 302, while the EEK may not be known to any entity outside of the software protection device 302. The RID, the EEK, and their association may be modified within the software protection device 302 and may not be modified by any entity external to the software protection device 302).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to include a register to store a current RID wherein the current RID is only modifiable by the security monitor logic, as taught by Avanzi. This would be convenient to maintain the security of the software stored in the realm (Avanzi, Parag. [0026]).
Claim 19. The applicant is directed to the rejections to claim 2 set forth above, as they are rejected based on the same rationale.
Claim 20. The applicant is directed to the rejections to claim 4 set forth above, as they are rejected based on the same rationale.
Claim 22. The applicant is directed to the rejections to claim 7 set forth above, as they are rejected based on the same rationale.
Claim 24. The applicant is directed to the rejections to claim 9 set forth above, as they are rejected based on the same rationale.
Claims 6, 8, 11, 21, 23, and 25 are rejected under 35 U.S.C. 103 as being unpatentable over Hopkins (Pub. No. US 2017/0126742), hereinafter Hopkins, in view of Kumar et al. (Pub. No. US 2020/0117624), hereinafter Kumar; in view of Avanzi et al. (Pub. No. US 2017/0010982), hereinafter Avanzi; in further view of Evans et al. (Pub. No. US 2020/0401441), hereinafter Evans.
Claim 6. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Hopkins doesn’t explicitly disclose wherein the plurality of logical realms comprise one or more Virtual Machine Monitor (VMM) realms, wherein each of the one or more VMM realms comprises one or more Virtual Machines (VMs).
However, Evans discloses wherein the plurality of logical realms comprise one or more Virtual Machine Monitor (VMM) realms, wherein each of the one or more VMM realms comprises one or more Virtual Machines (VMs) (See Parag. [0058]; a plurality of memory regions is divided amongst a plurality of owner realms. Each realm corresponds to at least a portion of at least one software process, and is allocated ownership of a number of memory regions. Using this arrangement it is possible for a process, such as a hypervisor, to control which memory regions (pages of memory) are contained within realms owned by respective guest virtual machines (guest operating systems) managed by that hypervisor…).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to include Virtual Machine Monitor that includes one or more Virtual Machines, as taught by Evans. This would be convenient for controlling access to data, based on privilege level, so that a process executing at a higher privilege level can exclude less privileged processes from accessing data associated with the more privileged process (Evans, Parag. [0002]).
Claim 8. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 7,
Hopkins doesn’t explicitly disclose wherein the security monitor logic is to control any communication between the plurality of logical realms in response to a VMM entry request or a VMM exit.
However, Evans discloses wherein the security monitor logic is to control any communication between the plurality of logical realms in response to a VMM entry request or a VMM exit (See Parag. [0089]; the realm management data 122 also includes realm execution context regions 126 which can be used for saving and restoring architectural state associated with a given realm upon realm exit or entry…the realm management unit 20 and MMU 26 can be seen as memory access circuitry which enforces the ownership rights defined by an owner realm for the memory regions owned by that realm. This can be particularly useful for a cloud platform in which a number of virtual machines 36 provided by different parties may be executing under control of a hypervisor 38 provided by the cloud server operator).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to include Virtual Machine Monitor that includes one or more Virtual Machines, as taught by Evans. This would be convenient for controlling access to data, based on privilege level, so that a process executing at a higher privilege level can exclude less privileged processes from accessing data associated with the more privileged process (Evans, Parag. [0002]).
Claim 11. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Hopkins doesn’t explicitly disclose the apparatus further comprising an access control data structure to store the RID for each of the plurality of logical realms.
However, Evans discloses an access control data structure to store the RID for each of the plurality of logical realms (See Parag. [0199]; at least one realm identifier register may be provided, and in response to the second variant of the exception return instruction the processing circuitry may identify the destination realm from a realm identifier stored in the realm identifier register. The realm identifier register may be banked, so that there are multiple realm identifier registers each associated with one of the exception levels).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to include an access control data structure to store the RID for each of the plurality of logical realms, as taught by Evans. This would be convenient for controlling access to data, based on privilege level, so that a process executing at a higher privilege level can exclude less privileged processes from accessing data associated with the more privileged process (Evans, Parag. [0002]).
Claim 21. The applicant is directed to the rejections to claim 6 set forth above, as they are rejected based on the same rationale.
Claim 23. The applicant is directed to the rejections to claim 8 set forth above, as they are rejected based on the same rationale.
Claim 25. The applicant is directed to the rejections to claim 11 set forth above, as they are rejected based on the same rationale.
Claims 14 and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Hopkins (Pub. No. US 2017/0126742), hereinafter Hopkins, in view of Kumar et al. (Pub. No. US 2020/0117624), hereinafter Kumar; in view of Avanzi et al. (Pub. No. US 2017/0010982), hereinafter Avanzi; and in further view of Brown et al. (Pub. No. US 2013/0159799), hereinafter Brown.
Claim 14. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Hopkins doesn’t explicitly disclose wherein at least one of the plurality of processor cores is dedicated to execute operations for the security monitor logic to guarantee availability on a periodic or permanent basis.
However, Brown discloses wherein at least one of the plurality of processor cores is dedicated to execute operations for the security monitor logic to guarantee availability on a periodic or permanent basis (See Parag. [0064]; On modern multi-core processor chips and other system-on-a-chips (SOCs) there are typically many duplicate copies of the same processor core, with the number of duplicate copies expected to increase from tens of cores to hundreds of cores or more. It has been found that this duplicate hardware may be leveraged to enable faster, more accurate, hardware BIST).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to plurality of processor cores, as taught by Brown. This would be convenient to enable faster, more accurate, hardware BIST (Brown, Parag. [0002]).
Claim 16. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Hopkins doesn’t explicitly disclose the apparatus comprising logic circuitry to isolate a faulty processor core from the plurality of processor cores.
However, Brown discloses the apparatus comprising logic circuitry to isolate a faulty processor core from the plurality of processor cores (See Parag. [0064]; As long as at least three cores are used, a faulty core that has a failing signature may be identified. Furthermore, by comparing those failing signatures, exactly which latch is failing may be identified, and if a failing latch is identified with a particular functional unit, that failing functional unit may also be identified, and if desired, automatically disabled).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to plurality of processor cores, as taught by Brown. This would be convenient to enable faster, more accurate, hardware BIST (Brown, Parag. [0002]).
Claim 17. Hopkins in view of Kumar and Avanzi discloses the apparatus of claim 1,
Hopkins doesn’t explicitly disclose the apparatus comprising logic circuitry to map out faulty memory.
However, Brown discloses the apparatus comprising logic circuitry to map out faulty memory (See Parag. [0064]; by scanning the same initial value into multiple cores, clocking the cores, and then scanning the data out and comparing the results, a voting scheme may be used to determine if the hardware is bad. As long as at least three cores are used, a faulty core that has a failing signature may be identified. Furthermore, by comparing those failing signatures, exactly which latch is failing may be identified, and if a failing latch is identified with a particular functional unit, that failing functional unit may also be identified, and if desired, automatically disabled).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the plurality of logical realms, taught by Hopkins, to plurality of processor cores, as taught by Brown. This would be convenient to enable faster, more accurate, hardware BIST (Brown, Parag. [0002]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-form 892).
The following Patents and Papers are cited to further show the state of the art at the time of Applicant’s invention with respect to logical resource partitioning via realm isolation.
Avanzi et al. (Pub. No. US 2017/0085542); “Separation of Software Modules by Controlled Encryption Key Management;”
Teaches a method for protecting software includes obtaining a payload including at least one of instructions or data, establishing a realm in a memory device, encrypting the payload based on an ephemeral encryption key (EEK) associated with the realm, and storing the encrypted payload in the realm of the memory device. In another aspect, a method for protecting software includes receiving a memory transaction associated with the memory device, the memory transaction including at least a realm identifier (RID) and a realm indicator bit, obtaining the EEK associated with the RID when the RID indicates the realm and when the realm indicator bit is enabled, decrypting an instruction and/or data retrieved from the realm based on the EEK when the memory transaction is a read transaction, and encrypting second data for storage in the realm based on the EEK when the memory transaction is a write transaction (See Abstract).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GHIZLANE MAAZOUZ whose telephone number is (571)272-8118. The examiner can normally be reached Telework M-F 7:30-5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached on 571-272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/GHIZLANE MAAZOUZ/Examiner, Art Unit 2499
/PHILIP J CHEA/Supervisory Patent Examiner, Art Unit 2499