Prosecution Insights
Last updated: April 19, 2026
Application No. 18/149,055

SECURITY AND METHODS FOR IMPLEMENTING ADDRESS TRANSLATION EXTENSIONS FOR CONFIDENTIAL COMPUTING HOSTS

Non-Final OA §103
Filed
Dec 30, 2022
Examiner
HOLDER, BRADLEY W
Art Unit
2408
Tech Center
2400 — Computer Networks
Assignee
Intel Corporation
OA Round
1 (Non-Final)
84%
Grant Probability
Favorable
1-2
OA Rounds
3y 3m
To Grant
99%
With Interview

Examiner Intelligence

Grants 84% — above average
84%
Career Allow Rate
408 granted / 488 resolved
+25.6% vs TC avg
Strong +63% interview lift
Without
With
+62.9%
Interview Lift
resolved cases with interview
Typical timeline
3y 3m
Avg Prosecution
12 currently pending
Career history
500
Total Applications
across all art units

Statute-Specific Performance

§101
17.3%
-22.7% vs TC avg
§103
49.3%
+9.3% vs TC avg
§102
10.3%
-29.7% vs TC avg
§112
16.0%
-24.0% vs TC avg
Black line = Tech Center average estimate • Based on career data from 488 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION

This is in response to Application #18/149,055 filed on 12/30/2022 in which Claims 1-25 are presented for examination.

Status of Claims

Claims 1-25 are pending, of which Claims 1-6, 8, 11-16, 18, 21-25 are rejected under 35 U.S.C. 103, dependent Claims 7, 9, 10, 17, 19, 20 are objected to as being allowable as a whole over prior art if rewritten in independent form including all of the limitations of their base independent claim and any intervening dependent claims.

Applicant’s Most Recent Claim Set of 12/30/2022

Applicant’s most recent claim set of 12/30/2022 is considered to be the latest claim set under consideration by the examiner.

Claim Objections

Applicant is advised that should claim 1 be found allowable, claim 21 will be objected to under 37 CFR 1.75 as being a substantial duplicate thereof. When two claims in an application are duplicates or else are so close in content that they both cover the same thing, despite a slight difference in wording, it is proper after allowing one claim to object to the other as being a substantial duplicate of the allowed claim. See MPEP § 608.01(m). Appropriate correction is required.

Prior Art Rejections - 35 USC § 102 and/or 35 USC § 103

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claim(s) 1-6, 8, 11-16, 18, 21-25 are rejected under 35 U.S.C. 103 as being unpatentable over Khosravi et al US Patent Application Publication #2019/0147192 in view of DeHon US Patent #10,521,230.

Regarding Claim 1, Khosravi et al. discloses: An apparatus comprising: a hardware processor core to implement a trust domain manager to manage one or more hardware isolated virtual machines as a respective trust domain with a region of protected memory [(Khosravi et al. Par 3 Lines 1-4; Par 8 Lines 1-3; Par 17 Lines 1-4; Par 23 Lines 1-8; Par 86 Lines 5-8; Par 87 Lines 7-9; Par 89 Lines 1-14; Par 91 Lines 12-17; Figures 1A, 5, 13) where Khosravi et al. teaches a trust domain manager based on a hardware processor with a hardware processor core that manages hardware isolated virtual machines that form independent and separate virtual machines which are stored in cryptographically isolated protected memory]; and input/output memory management unit (IOMMU) circuitry comprising trusted direct memory access translation data and coupled between the hardware processor core and an input/output device [(Khosravi et al. Par 185; Par 187; Par 191; Par 195 Line 16; Fig 14, 15, 16) where Khosravi et al. teaches direct memory access circuitry coupled between the hardware processor core and an input/output memory management unit], Khosravi et al. does not appear to explicitly disclose: wherein the IOMMU circuitry is to, for a request from the input/output device for a direct memory access of a protected memory of a trust domain: in response to a field in the request being set to indicate the input/output device is in a trusted computing base of the trust domain and an entry in the trusted direct memory access translation data being set into an active state by the trust domain manager, allow the direct memory access by the input/output device.

However, DeHon discloses: wherein the IOMMU circuitry is to, for a request from the input/output device for a direct memory access of a protected memory of a trust domain: in response to a field in the request being set to indicate the input/output device is in a trusted computing base of the trust domain and an entry in the trusted direct memory access translation data being set into an active state by the trust domain manager, allow the direct memory access by the input/output device [(DeHon Claim 17 Lines 24-49 of Column 121) where DeHon teaches receiving from an input/output device or fabric a request for a direct memory access of trusted protected memory of a trusted domain, in response to metadata tags or fields in the request, combined with a rule cache containing memory access translation and permission data that has an entry establishing that the request has come from a device actively trusted to access the trusted protected memory via a direct memory access, the requested direct memory access is allowed]. Khosravi et al. and DeHon are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area”. Namely, they are both from the field of “information security”. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Khosravi et al. and the teachings of DeHon by providing on receipt from an input/output device or fabric a request for a direct memory access of trusted protected memory of a trusted domain, in response to metadata tags or fields in the request, combined with a rule cache containing memory access translation and permission data that has an entry establishing that the request has come from a device trusted to access the trusted protected memory via a direct memory access, the requested direct memory access is allowed as taught by DeHon in the teaching described by Khosravi et al.

The motivation for doing so would be to increase the usability and flexibility of Khosravi et al. by providing on receipt from an input/output device or fabric a request for a direct memory access of trusted protected memory of a trusted domain, in response to metadata tags or fields in the request, combined with a rule cache containing memory access translation and permission data that has an entry establishing that the request has come from a device trusted to access the trusted protected memory via a direct memory access, the requested direct memory access is allowed as taught by DeHon in the teaching described by Khosravi et al. so as to provide a secure way to only allow trusted computing devices of the trusted domain permission to access protected data, thereby ensuring its protection.

Regarding Claim 2, most of the limitations of this claim have been noted in the rejection of Claim 1. Applicant is directed to the rejection of Claim 1 above. In addition, the combination of Khosravi et al. and DeHon discloses: The apparatus of claim 1, wherein the IOMMU circuitry is to, in response to the entry in the trusted direct memory access translation data being set into a not active state by the trust domain manager, block the direct memory access by the input/output device [(DeHon Claim 17 Lines 24-49 of Column 121) where DeHon teaches receiving from an input/output device or fabric a request for a direct memory access of trusted protected memory of a trusted domain, in response to metadata tags or fields in the request, combined with a rule cache containing memory access translation and permission data that has an entry establishing that the request has come from a device actively trusted to access the trusted protected memory via a direct memory access, the requested direct memory access is allowed, should the metadata tags or fields in the request not match up with an entry in the rule cache, the requested direct memory access is denied].

Regarding Claim 3, most of the limitations of this claim have been noted in the rejection of Claim 1. Applicant is directed to the rejection of Claim 1 above. In addition, the combination of Khosravi et al. and DeHon discloses: The apparatus of claim 1, wherein the IOMMU circuitry is to perform a protection check for an address in the request, and in response to a successful protection check, allow the direct memory access by the input/output device, and in response to an unsuccessful protection check, block the direct memory access by the input/output device [(DeHon Claim 17 Lines 24-49 of Column 121) where DeHon teaches receiving from an input/output device or fabric a request for a direct memory access of trusted protected memory of a trusted domain, in response to metadata tags or fields, combined with a rule cache containing memory access translation and permission data that has an entry establishing that the request has come from a device trusted to access the trusted protected memory via a direct memory access at the requested address range, the requested direct memory access is allowed, should the metadata tags or fields along with a desired memory address range in the request not match up with an entry in the rule cache, the requested direct memory access is denied].

Regarding Claim 4, most of the limitations of this claim have been noted in the rejection of Claim 1. Applicant is directed to the rejection of Claim 1 above. In addition, the combination of Khosravi et al. and DeHon discloses: The apparatus of claim 1, wherein the IOMMU circuitry is to perform an address translation to determine a host physical address corresponding to a guest address in the request, and in response to a successful address translation, allow the direct memory access by the input/output device, and in response to an unsuccessful address translation, block the direct memory access by the input/output device [(DeHon Claim 17 Lines 24-49 of Column 121) (Khosravi et al Par 46, Par 63) where Khosravi et al and DeHon teach receiving from an input/output device or fabric a request for a direct memory access of trusted protected memory of a trusted domain with a host physical address corresponding to a guest address in the request, in response to metadata tags or fields, combined with a rule cache containing memory access translation and permission data that has an entry establishing that the request has come from a device trusted to access the trusted protected memory via a direct memory access at the requested address range, the requested direct memory access is allowed, should the metadata tags or fields along with a desired memory address range in the request not match up with an entry in the rule cache, the requested direct memory access is denied].

Regarding Claim 5, most of the limitations of this claim have been noted in the rejection of Claim 4. Applicant is directed to the rejection of Claim 4 above. In addition, the combination of Khosravi et al. and DeHon discloses: The apparatus of claim 4, wherein the guest address is a guest virtual address, and the IOMMU circuitry is to, based at least in part on the entry in the trusted direct memory access translation data, determine a guest physical address corresponding to the guest virtual address, and determine the host physical address based at least in part on the guest physical address. [(DeHon Claim 17 Lines 24-49 of Column 121) (Khosravi et al Par 46, Par 63) where Khosravi et al and DeHon teach receiving from an input/output device or fabric a request for a direct memory access of trusted protected memory of a trusted domain with a host physical address corresponding to a guest physical address in the request, with the guest physical address corresponding to a guest virtual address which is in response to metadata tags or fields in the request, combined with a rule cache containing memory access translation and permission data that has an entry establishing that the request has come from a device trusted to access the trusted protected memory via a direct memory access at the requested address range].

Regarding Claim 6, most of the limitations of this claim have been noted in the rejection of Claim 1. Applicant is directed to the rejection of Claim 1 above. In addition, the combination of Khosravi et al. and DeHon discloses: The apparatus of claim 1, wherein the IOMMU circuitry is to perform an address translation to determine a host physical address corresponding to a guest address in the request, and in response to the host physical address being associated with the protected memory, send a trusted indication to the input/output device. [(DeHon Claim 17 Lines 24-49 of Column 121) (Khosravi et al Par 46, Par 63) where Khosravi et al and DeHon teach receiving from an input/output device or fabric a request for a direct memory access of trusted protected memory of a trusted domain with a host physical address corresponding to a guest physical address in the request, with the guest physical address corresponding to a guest virtual address which is in response to metadata tags or fields in the request, combined with a rule cache containing memory access translation and permission data that has an entry establishing that the request has come from a device trusted to access the trusted protected memory via a direct memory access at the requested address range, the requested direct memory access is allowed with the input/output device notified to proceed, should the metadata tags or fields along with a desired memory address range in the request not match up with an entry in the rule cache, the requested direct memory access is denied].

Regarding Claim 8, most of the limitations of this claim have been noted in the rejection of Claim 1. Applicant is directed to the rejection of Claim 1 above. In addition, the combination of Khosravi et al. and DeHon discloses: The apparatus of claim 1, wherein the IOMMU circuitry comprises a trusted interface and an untrusted interface, and the IOMMU circuitry is to permit access to the trusted interface from the trust domain manager, and not another software agent [(Khosravi et al Par 44) where Khosravi et al teaches that the input/output memory management unit allows access to the trusted interface by the trusted domain manager, but disallows access by other software agents, including an untrusted domain manager].

Regarding Claim 11: It is a method claim corresponding to the apparatus claim of claim 1. Therefore, claim 11 is rejected with the same rationale as applied against claim 1 above.

Regarding Claim 12: It is a method claim corresponding to the apparatus claim of claim 2. Therefore, claim 12 is rejected with the same rationale as applied against claim 2 above.

Regarding Claim 13: It is a method claim corresponding to the apparatus claim of claim 3. Therefore, claim 13 is rejected with the same rationale as applied against claim 3 above.

Regarding Claim 14: It is a method claim corresponding to the apparatus claim of claim 4. Therefore, claim 14 is rejected with the same rationale as applied against claim 4 above.

Regarding Claim 15: It is a method claim corresponding to the apparatus claim of claim 5. Therefore, claim 15 is rejected with the same rationale as applied against claim 5 above.

Regarding Claim 16: It is a method claim corresponding to the apparatus claim of claim 6. Therefore, claim 16 is rejected with the same rationale as applied against claim 6 above.

Regarding Claim 18: It is a method claim corresponding to the apparatus claim of claim 8. Therefore, claim 18 is rejected with the same rationale as applied against claim 8 above.

Regarding Claim 21: It is a system claim corresponding to the apparatus claim of claim 1. Therefore, claim 21 is rejected with the same rationale as applied against claim 1 above.

Regarding Claim 22: It is a system claim corresponding to the apparatus claim of claim 2. Therefore, claim 22 is rejected with the same rationale as applied against claim 2 above.

Regarding Claim 23: It is a system claim corresponding to the apparatus claim of claim 3. Therefore, claim 23 is rejected with the same rationale as applied against claim 3 above.

Regarding Claim 24: It is a system claim corresponding to the apparatus claim of claim 4. Therefore, claim 24 is rejected with the same rationale as applied against claim 4 above.

Regarding Claim 25: It is a system claim corresponding to the apparatus claim of claim 5. Therefore, claim 25 is rejected with the same rationale as applied against claim 5 above.

Allowable Subject Matter – Dependent Claim(s)

Claims 7, 9, 10, 17, 19, 20 are objected to as being dependent upon a rejected base claim, but would be allowable as a whole over prior art if rewritten in independent form including all of the limitations of their base independent claim, and any intervening dependent claims. The following is a statement of reasons for the indication of allowable subject matter. The closest prior art, as recited, Khosravi et al US Patent Application Publication #2019/0147192 and DeHon US Patent #10,521,230, are also generally directed to various aspects of providing secure management of address translation procedures for confidential computing hosts. However, Khosravi et al or DeHon does not teach or suggest, either singularly or in combination, the particular combination of steps or elements as recited in the dependent Claims 7, 9, 10, 17, 19, 20 when also incorporating all of the limitations of their base independent claim and any intervening dependent claims.

For example, none of the cited prior art teaches or suggests the steps of: where the input/output memory management unit circuitry is coupled to a trusted data structure and an untrusted data structure, and in response to the field in the request being set to indicate the input/output device is in the trusted computing base of the trust domain, the input/output memory management unit circuitry is to access the trusted data structure, and in response to the field in the request being set to another value, the input/output memory management unit circuitry is to access the untrusted data structure, where the input/output memory management unit circuitry is coupled to a trusted data structure and an untrusted data structure, and a virtual machine monitor of the one or more hardware isolated virtual machines is permitted to access the untrusted data structure, and the trust domain manager, and not the virtual machine monitor of the one or more hardware isolated virtual machines, is permitted to access the trusted data structure, where the input/output memory management unit circuitry comprises untrusted direct memory access translation data, and the untrusted direct memory access translation data is accessed in response to the field being set to another value. As recited in dependent Claims 7, 9, 10, 17, 19, 20 when also incorporating all of the limitations of their base independent claim, any intervening dependent claims, any additional limitations found in dependent Claims 7, 9, 10, 17, 19, 20.

Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

Cordray et al - US_10230588_B2_I: Cordray et al teaches managing networks of connected electronic devices in which network management policy and network management applications are transferred automatically upon detection and identification of a new device, protocol, or application on the network.

Kang et al - US_20150089069_A1_I: Kang et al teaches security domain management for managing security domains in a trusted execution environment (TEE).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRADLEY HOLDER whose telephone number is 571-270-3789. The examiner can normally be reached on Monday-Friday 10:00AM-7:00PM Eastern Time. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Linglan Edwards, can be reached on (571) 270-5440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/BRADLEY W HOLDER/ Primary Examiner, Art Unit 2408
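The office action above maps claims 1 through 6 and 8 onto a single access-control decision: an IOMMU admits a device's DMA to a trust domain's protected memory only when the request carries the trusted-computing-base field, the trust domain manager has placed an ACTIVE entry for that device in the trusted translation data, the two-stage translation (guest virtual to guest physical to host physical) succeeds, and the resulting host physical address passes a protection check; revoking the entry (claim 2) or failing any gate blocks the access, and success returns a trusted indication to the device (claim 6). The following Python model of that decision chain is an added illustration written for this page; it is not Intel's, Khosravi's or DeHon's implementation, and the table layouts, page maps, verdict strings and sample addresses are constructed assumptions. Its point, from a defender's perspective, is that every gate is deny-by-default and that only the trust domain manager's interface can make a device's entry ACTIVE.

```python
"""Constructed model of trusted-DMA gating in an IOMMU (not any vendor's code)."""
from __future__ import annotations
from dataclasses import dataclass, field
from enum import Enum

PAGE_SHIFT = 12
PAGE_MASK = (1 << PAGE_SHIFT) - 1


class EntryState(Enum):
    NOT_ACTIVE = 0
    ACTIVE = 1


@dataclass
class TrustedEntry:
    """One entry in the trusted DMA translation data. Only the trust domain manager
    (TDM) writes it; the layout (td_id plus a GVA->GPA page map) is an assumption."""
    state: EntryState
    td_id: int
    gva_to_gpa: dict[int, int] = field(default_factory=dict)  # page numbers


@dataclass
class TrustDomain:
    td_id: int
    gpa_to_hpa: dict[int, int]        # second-stage page map (constructed)
    protected_hpa_pages: set[int]     # host pages that form this TD's protected memory


@dataclass
class DmaRequest:
    device_id: int
    td_id: int
    trusted_field: bool               # the request field claiming TCB membership
    guest_virtual_addr: int


@dataclass
class Verdict:
    allowed: bool
    reason: str
    host_physical_addr: int | None = None
    trusted_indication: bool = False  # returned to the device on success


class Iommu:
    def __init__(self) -> None:
        self._trusted_table: dict[int, TrustedEntry] = {}
        self._domains: dict[int, TrustDomain] = {}

    # Trusted interface: in the model only the TDM is assumed to reach these methods.
    def tdm_register_domain(self, td: TrustDomain) -> None:
        self._domains[td.td_id] = td

    def tdm_set_entry(self, device_id: int, entry: TrustedEntry) -> None:
        self._trusted_table[device_id] = entry

    # Request path: each gate denies unless its condition is positively met.
    def handle_dma(self, req: DmaRequest) -> Verdict:
        if not req.trusted_field:                      # gate 1: TCB field must be set
            return Verdict(False, "no-trusted-field")
        entry = self._trusted_table.get(req.device_id)  # gate 2: ACTIVE entry for device+TD
        if entry is None or entry.state is not EntryState.ACTIVE or entry.td_id != req.td_id:
            return Verdict(False, "entry-not-active")
        td = self._domains.get(req.td_id)
        if td is None:
            return Verdict(False, "unknown-trust-domain")
        gva_page = req.guest_virtual_addr >> PAGE_SHIFT  # gate 3: GVA -> GPA -> HPA
        gpa_page = entry.gva_to_gpa.get(gva_page)
        hpa_page = td.gpa_to_hpa.get(gpa_page) if gpa_page is not None else None
        if hpa_page is None:
            return Verdict(False, "no-translation")
        if hpa_page not in td.protected_hpa_pages:      # gate 4: protection check on the HPA
            return Verdict(False, "protection-check-failed")
        hpa = (hpa_page << PAGE_SHIFT) | (req.guest_virtual_addr & PAGE_MASK)
        return Verdict(True, "allow", hpa, trusted_indication=True)


def build_demo_iommu() -> Iommu:
    """Constructed sample state: one trust domain, one device, two mapped pages."""
    iommu = Iommu()
    iommu.tdm_register_domain(TrustDomain(7, {0x10: 0x200, 0x11: 0x201}, {0x200}))
    iommu.tdm_set_entry(1, TrustedEntry(EntryState.ACTIVE, 7, {0x5: 0x10, 0x6: 0x11}))
    return iommu


def run_scenarios() -> dict[str, Verdict]:
    """Exercise every gate once; keys name the scenario being checked."""
    iommu = build_demo_iommu()
    out = {
        "ok": iommu.handle_dma(DmaRequest(1, 7, True, 0x5010)),
        "field_clear": iommu.handle_dma(DmaRequest(1, 7, False, 0x5010)),
        "unmapped": iommu.handle_dma(DmaRequest(1, 7, True, 0x9000)),
        "not_protected": iommu.handle_dma(DmaRequest(1, 7, True, 0x6000)),
        "unknown_device": iommu.handle_dma(DmaRequest(2, 7, True, 0x5010)),
    }
    # The TDM sets the entry to NOT_ACTIVE; the previously allowed request is now blocked.
    iommu.tdm_set_entry(1, TrustedEntry(EntryState.NOT_ACTIVE, 7, {0x5: 0x10}))
    out["revoked"] = iommu.handle_dma(DmaRequest(1, 7, True, 0x5010))
    return out


if __name__ == "__main__":
    for name, v in run_scenarios().items():
        print(f"{name:15s} allowed={v.allowed!s:5s} reason={v.reason} hpa={v.host_physical_addr}")
```

The "unknown_device" and "revoked" scenarios land on the same verdict on purpose: a device with no entry and a device whose entry the manager has deactivated are indistinguishable to the request path, which is the property the claims describe. The model also translates before it checks protection, so a request that maps to memory outside the domain's protected region is refused even though the device and its entry are otherwise in good standing.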

Prosecution Timeline

Dec 30, 2022
Application Filed
Jan 30, 2023
Response after Non-Final Action
Feb 21, 2026
Non-Final Rejection — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12580752
SYSTEMS AND METHODS FOR GENERATING SHARED SECRET KEY FOR TRANSACTION CARDS
2y 5m to grant Granted Mar 17, 2026
Patent 12580726
Using a single AES key to encrypt PKCS #7 files
2y 5m to grant Granted Mar 17, 2026
Patent 12580904
USER AUTHENTICATION USING SECURE INFRASTRUCTURE
2y 5m to grant Granted Mar 17, 2026
Patent 12572704
SMART CARD AUTHENTICATION SYSTEM
2y 5m to grant Granted Mar 10, 2026
Patent 12556920
Random MAC Configuring
2y 5m to grant Granted Feb 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.


Prosecution Projections

1-2
Expected OA Rounds
84%
Grant Probability
99%
With Interview (+62.9%)
3y 3m
Median Time to Grant
Low
PTA Risk
Based on 488 resolved cases by this examiner. Grant probability derived from career allow rate.
