DETAILED ACTION
This communication is responsive to application No. 18/087,776 filed on December 22, 2022. Claims 1-30 are pending and are directed toward APPARATUS AND METHOD FOR FLEXIBLE PROCESSOR SECURITY AND AUTHENTICATED CODE EXECUTION.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Drawings
New corrected drawings in compliance with 37 CFR 1.121(d) are required in this application because FIGS. 1-6, 8-11, and 26 are of poor quality. Applicant is advised to employ the services of a competent patent draftsperson outside the Office, as the U.S. Patent and Trademark Office no longer prepares new drawings. The corrected drawings are required in reply to the Office action to avoid abandonment of the application. The requirement for corrected drawings will not be held in abeyance.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1, 5, 6, 10, 11, 15, 16, 20, 21, 25, 26, and 30 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Datta et al. (US 2013/0212673, Pub. Date: Aug. 15, 2013), hereinafter referred to as Datta.
As per claim 1, Datta teaches a processor comprising:
a secure memory to store an authenticated code module (ACM) (Embodiments of the present invention in systems, apparatuses, and methods for entering a secured computing environment using multiple authenticated code modules ( each, an "ACM") are described. Datta, [0013]); and
security hardware logic to process the ACM based on a microarchitecture of the processor, the security hardware logic to validate the ACM (Cache 122 may be configured to operate in CRAM mode so that cache 122 may serve as a private, secure memory in which processor 120 may authenticate ACM 192, Datta, [0033]) and parse a header of the ACM to determine an entry point for processing the ACM in accordance with the microarchitecture (if both the master header and the matching individual ACM are successfully authenticated, then in box 558, the master hash may be sent to a token, such as token 170, to be stored in a PCR for use in sealing and unsealing secrets in the measured launch environment or secured system environment. Datta, [0049]).
As per claim 5, Datta teaches the processor of claim 1 wherein at least a portion of the security logic comprises an instruction processing pipeline of a logical processor or core (Processors 120, 130, and 140, system memory 150, chipset 160, token 170, and device 180 may be coupled to or communicate with each other according to any known approach, such as directly or indirectly through one or more parallel, sequential, pipelined, asynchronous, synchronous, wired, wireless, or other bus or point-to-point connection. Datta, [0021]).
As per claim 6, Datta teaches the processor of claim 1 wherein, based on the ACM, the security hardware logic is to perform one or more tests or measurements related to a configuration of a chipset and/or the processor to verify an acceptable configuration (For example, ACM 192 may be used to initialize, configure, and test components within system 100 for their participation in the secured environment. In one embodiment, ACM 192 may be used to test the memory configuration of system 100, as controlled by memory controller functions in any processor, chipset, or other component in system 100, to ensure that access to certain pages or portions of system memory 150 may be limited or controlled such that MVMM 194 and/or other software used to secure system 100 may be protected when stored in system memory 150. Datta, [0032]).
As per claim 10, Datta teaches the processor of claim 1 wherein the secure memory comprises a cache operated in a secure mode (Cache 122 may be configured to operate in CRAM mode so that cache 122 may serve as a private, secure memory in which processor 120 may authenticate ACM 192 (or a portion of ACM 192). Datta, [0033]).
Claims 11, 15, 16, 20, 21, 25, 26, and 30 have limitations similar to those treated in the above rejection, and are met by the references as discussed above, and are rejected for the same reasons of anticipation as used above.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 2, 7, 9, 12, 17, 19, 22, 27, and 29 are rejected under 35 U.S.C. 103 as being unpatentable over Datta et al. (US 2013/0212673, Pub. Date: Aug. 15, 2013), in view of UEFI Forum (Advanced Configuration and Power Interface (ACPI) Specification Release 6.5, Aug 29, 2022, 1126 pages), hereinafter referred to as Datta and UEFI.
As per claim 2, Datta teaches the processor of claim 1, but does not teach selecting between a 32-bit and a 64-bit mode. UEFI, however, teaches wherein the microarchitecture is one of a first microarchitecture and a second microarchitecture, the security hardware logic to process the ACM in a 32-bit protected mode if the microarchitecture is the first microarchitecture and to process the ACM in a 64-bit mode if the microarchitecture is the second microarchitecture (This field also sets the global integer width for the AML interpreter. Values less than two will cause the interpreter to use 32-bit integers and math. Values of two and greater will cause the interpreter to use full 64-bit integers and math. UEFI, page 126).
Datta in view of UEFI are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Datta in view of UEFI. This would have been desirable because, for IA-32 and x64 platforms, platform firmware is required to support a 32-bit execution environment, and platform firmware can additionally support a 64-bit execution environment (UEFI, page 122).
As per claim 7, Datta teaches the processor of claim 6 wherein if the chipset and/or processor have an acceptable configuration, the security logic is to initiate a measured launch environment (MLE) (In box 566, entry of system 100 into a measured launch environment ("MLE") or secured system environment may be completed. Datta, [0050]), but does not teach doing so in a 64-bit mode. UEFI, however, teaches a 64-bit mode (For IA-32 and x64 platforms, platform firmware is required to support a 32-bit execution environment. Platform firmware can additionally support a 64-bit execution environment. UEFI, page 122).
Datta in view of UEFI are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Datta in view of UEFI. This would have been desirable because MVMM 194 may be any virtual machine monitor, hypervisor, or other such software program that is a trusted entity invoked during a SENTER process to control one or more virtual machines to execute other software programs (often called a measured launch environment, or "MLE"), some of which are trusted and some of which are not trusted (Datta, [0033]).
As per claim 9, Datta teaches the processor of claim 1, but does not teach a 64-bit mode. UEFI, however, teaches wherein the security logic is to process the ACM in the 64-bit mode with paging enabled (For the 64-bit execution environment: interrupts must be disabled, EFLAGS.IF set to 0; long mode enabled; paging mode is enabled. UEFI, page 122).
Datta in view of UEFI are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Datta in view of UEFI. This would have been desirable because, for IA-32 and x64 platforms, platform firmware is required to support a 32-bit execution environment, and platform firmware can additionally support a 64-bit execution environment (UEFI, page 122).
Claims 12, 17, 19, 22, 27, and 29 have limitations similar to those treated in the above rejection, and are met by the references as discussed above, and are rejected for the same reasons of obviousness as used above.
Claims 8, 18, and 28 are rejected under 35 U.S.C. 103 as being unpatentable over Datta et al. (US 2013/0212673, Pub. Date: Aug. 15, 2013), in view of UEFI Forum (Advanced Configuration and Power Interface (ACPI) Specification Release 6.5, Aug 29, 2022, 1126 pages), and further in view of Intel (Intel® Trusted Execution Technology Software Development Guide, Measured Launched Environment Developer's Guide, June 2008, 82 pages), hereinafter referred to as Datta, UEFI and Intel.
As per claim 8, Datta in view of UEFI teaches the processor of claim 7 wherein the security logic is to initiate the MLE, but does not teach parsing an MLE header. Intel, however, teaches that, to initiate the MLE, the security logic is to parse an MLE header to determine one or more variables for the MLE (The MLE initialization code is executed on the ILP when the SINIT AC module executes the GETSEC[EXITAC] instruction; the MLE initialization code is the first MLE code to run after GETSEC[SENTER] and within the measured environment. The SINIT AC module obtains the MLE initialization code entry point from the MLE EntryPoint field in the MLE Header data structure whose address is specified in the OsSinitData entry in the Intel TXT Heap. Intel, page 29).
Datta in view of UEFI in view of Intel are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Datta in view of UEFI in view of Intel. This would have been desirable because the MLE initialization code is responsible for setting up the protections necessary to safely launch any additional environments or software. The initialization includes Intel TXT hardware initialization, waking and initializing the RLPs, MLE software initialization and initialization of the STM (Intel, page 29).
Claims 18 and 28 have limitations similar to those treated in the above rejection, and are met by the references as discussed above, and are rejected for the same reasons of obviousness as used above.
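The Intel passage relied upon for claim 8 describes SINIT locating the MLE entry point by reading the EntryPoint field of the MLE Header. The following is an added illustration, not code from the application or from the Datta, ACPI or Intel references: a bounds-checked parser for such a header, showing the checks a launch component would apply to an untrusted header before transferring control to the entry point it names. The field layout (a 16-byte UUID followed by nine little-endian 32-bit fields: HeaderLen, Version, EntryPoint, FirstValidPage, MleStart, MleEnd, Capabilities, CmdlineStart, CmdlineEnd), the UUID byte sequence and the version 2.0 value are assumptions written from memory of the MLE Developer's Guide and should be verified against the guide; the sample header bytes are constructed for the example.

```c
/* Added example: bounds-checked MLE header parser. Field layout, UUID bytes
 * and minimum version are assumptions from memory of the Intel TXT MLE
 * Developer's Guide; verify against the guide before reuse. */
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MLE_HDR_MIN_LEN     52u      /* 16-byte UUID + 9 * 4-byte fields */
#define MLE_HDR_MIN_VERSION 0x20000u /* assumed: version 2.0 */

/* Assumed UUID byte sequence that marks an MLE header. */
static const uint8_t MLE_HDR_UUID[16] = {
    0x5a, 0xac, 0x82, 0x90, 0x6f, 0x47, 0xa7, 0x74,
    0x5c, 0x0f, 0x55, 0xa2, 0xcb, 0x51, 0xb6, 0x42 };

struct mle_header {
    uint32_t header_len, version, entry_point, first_valid_page;
    uint32_t mle_start, mle_end, capabilities, cmdline_start, cmdline_end;
};

enum mle_status { MLE_OK = 0, MLE_ERR_SHORT, MLE_ERR_UUID, MLE_ERR_LEN,
                  MLE_ERR_VERSION, MLE_ERR_RANGE };

static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

static void wr32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* Parse `len` bytes at `buf` (the header named by OsSinitData) into `out`.
 * Every field is validated before a caller may trust out->entry_point. */
enum mle_status parse_mle_header(const uint8_t *buf, size_t len,
                                 struct mle_header *out)
{
    if (buf == NULL || out == NULL || len < MLE_HDR_MIN_LEN)
        return MLE_ERR_SHORT;                   /* never read past the buffer */
    if (memcmp(buf, MLE_HDR_UUID, sizeof MLE_HDR_UUID) != 0)
        return MLE_ERR_UUID;                    /* not an MLE header at all */
    const uint8_t *f = buf + 16;
    out->header_len       = rd32(f + 0);
    out->version          = rd32(f + 4);
    out->entry_point      = rd32(f + 8);
    out->first_valid_page = rd32(f + 12);
    out->mle_start        = rd32(f + 16);
    out->mle_end          = rd32(f + 20);
    out->capabilities     = rd32(f + 24);
    out->cmdline_start    = rd32(f + 28);
    out->cmdline_end      = rd32(f + 32);
    /* The header must claim at least the fields read and fit in the buffer. */
    if (out->header_len < MLE_HDR_MIN_LEN || out->header_len > len)
        return MLE_ERR_LEN;
    if (out->version < MLE_HDR_MIN_VERSION)
        return MLE_ERR_VERSION;
    /* The MLE extent must be well-formed and the entry point must lie inside
     * it, so a tampered header cannot steer execution outside the measured
     * region. The in-extent rule is an assumption of this example. */
    if (out->mle_end <= out->mle_start ||
        out->entry_point < out->mle_start || out->entry_point >= out->mle_end)
        return MLE_ERR_RANGE;
    if (out->cmdline_end < out->cmdline_start)
        return MLE_ERR_RANGE;
    return MLE_OK;
}

/* Build a constructed sample header (not a real MLE image) whose MLE extent
 * is [0x1000, 0x8000) with the given entry point, then parse it. */
enum mle_status parse_sample(uint32_t entry_point, uint32_t *entry_out)
{
    uint8_t buf[64] = {0};
    memcpy(buf, MLE_HDR_UUID, 16);
    wr32(buf + 16, MLE_HDR_MIN_LEN);       /* HeaderLen */
    wr32(buf + 20, MLE_HDR_MIN_VERSION);   /* Version 2.0 (assumed) */
    wr32(buf + 24, entry_point);           /* EntryPoint */
    wr32(buf + 32, 0x1000);                /* MleStart */
    wr32(buf + 36, 0x8000);                /* MleEnd */
    struct mle_header h;
    enum mle_status st = parse_mle_header(buf, sizeof buf, &h);
    if (st == MLE_OK && entry_out != NULL)
        *entry_out = h.entry_point;
    return st;
}

/* Entry point the parser yields for the sample, or UINT32_MAX if rejected. */
uint32_t sample_entry(uint32_t entry_point)
{
    uint32_t ep = UINT32_MAX;
    (void)parse_sample(entry_point, &ep);
    return ep;
}

/* A header with a corrupted UUID must be rejected before any field is used. */
enum mle_status parse_sample_bad_uuid(void)
{
    uint8_t buf[64] = {0};               /* zero UUID: fails the memcmp */
    struct mle_header h;
    return parse_mle_header(buf, sizeof buf, &h);
}

int main(void)
{
    printf("in-range entry 0x1234 -> status %d, entry 0x%x\n",
           parse_sample(0x1234, NULL), sample_entry(0x1234));
    printf("out-of-range entry 0x8000 -> status %d\n", parse_sample(0x8000, NULL));
    printf("bad uuid -> status %d\n", parse_sample_bad_uuid());
    return 0;
}
```

The ordering of the checks matters: the length test runs before any field is read, the UUID test before any field is interpreted, and the entry point is compared against the MLE extent before the caller is allowed to jump to it, which is the property a launch component needs when the header comes from memory the operating system, rather than the authenticated module, has written.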
Allowable Subject Matter
Claims 3, 4, 13, 14, 23, and 24 are indicated as allowable over the cited prior art, because none of the prior art cited by the Examiner teaches the limitations of the claims as currently presented.
As allowable subject matter has been indicated, applicant's reply must either comply with all formal requirements or specifically traverse each requirement not complied with. See 37 CFR 1.111(b) and MPEP § 707.07(a).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLEG KORSAK whose telephone number is (571)270-1938. The examiner can normally be reached on Monday-Friday 7:30am - 5:00pm EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached on (571) 272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/OLEG KORSAK/
Primary Examiner, Art Unit 2492