IOCTL_EHSTOR_BANDMGMT_DELETE_BAND IOCTL (ehstorbandmgmt.h)
A configured band on a storage device is deleted with the IOCTL_EHSTOR_BANDMGMT_DELETE_BAND request. An erase option in the input parameters allows the request to perform a cryptographic erase of the band data.
Major code
Input buffer
The input buffer at Irp->AssociatedIrp.SystemBuffer must contain a DELETE_BAND_PARAMETERS and possibly an AUTH_KEY structure.
If the AuthKeyOffset member of DELETE_BAND_PARAMETERS is set to EHSTOR_BANDMGR_NO_KEY, the input data in the system buffer need not include an AUTH_KEY structure.
Input buffer length
Parameters.DeviceIoControl.InputBufferLength indicates the size, in bytes, of the buffer, which must be at least sizeof (DELETE_BAND_PARAMETERS) + sizeof(AUTH_KEY).
Output buffer
None.
Output buffer length
None.
Status block
One of the following values can be returned in the Status field.
Status Value | Description |
---|---|
STATUS_SUCCESS | The band was successfully deleted. |
STATUS_INVALID_DEVICE_REQUEST | The storage device does not support band management. |
STATUS_INVALID_BUFFER_SIZE | The input buffer size is incorrect. |
STATUS_INVALID_PARAMETER | Information in the input buffer is invalid. |
STATUS_ACCESS_DENIED | The authentication key is invalid or band is locked for writing. |
STATUS_NOT_FOUND | The band was not found for the selection criteria provided. |
STATUS_IO_DEVICE_ERROR | Communication failed. The storage device might be incompatible with security protocols. |
Remarks
An authentication key is required to delete a band without performing an erase first. To request a band erase, the DELBAND_ERASE_BEFORE_DELETE flag is set in the Flags member of DELETE_BAND_PARAMETERS.
After a band delete, all LBAs contained in the deleted band are returned to the global band. The locking conditions for the global band now apply to the LBAs returned to the global band. The LBAs returned to the global band are now associated with the media key for the global band and encrypted data in those LBAs is unrecoverable.
The deleted band remains in the silo driver's band table but becomes unconfigured. The authentication key is reset to the default value, band and key metadata contains zeros, and the lock states revert to PERSISTENT_UNLOCK. The band is now available for reconfiguration with an IOCTL_EHSTOR_BANDMGMT_CREATE_BAND request.
Deleting a band without a cryptographic erase will not remove the encryption key for that band. It is possible to later create a band with the same configuration and band identifier as the deleted band. In this case, data previously stored in the band and not overwritten since the deletion of the previous band will be available. To avoid this situation, delete the band with the DELBAND_ERASE_BEFORE_DELETE flag set in DELETE_BAND_PARAMETERS.
The IOCTL_EHSTOR_BANDMGMT_DELETE_BAND will not delete the global band. A request to do so will return STATUS_INVALID_PARAMETER.
Requirements
Requirement | Value |
---|---|
Minimum supported client | Available starting with Windows 8. |
Header | ehstorbandmgmt.h (include EhStorBandMgmt.h) |