IOCTL_EHSTOR_BANDMGMT_ACTIVATE control code

This IOCTL_EHSTOR_BANDMGMT_ACTIVATE request is sent to activate the security features and band management on a storage device. The request includes activation options and the authentication key.

Input Parameters

The input buffer at Irp->AssociatedIrp.SystemBuffer contains an ACTIVATE_REVERT_PARAMETERS structure. ACTIVATE_REVERT_PARAMETERS is declared in ehstorbandmgmt.h as the following.


typedef struct _ACTIVATE_REVERT_PARAMETERS
{
    ULONG           StructSize;
    ULONG           Flags;
    ULONG           AuthKeyOffset;
} ACTIVATE_REVERT_PARAMETERS;

StructSize

The size of the structure. This is set to sizeof(ACTIVATE_REVERT_PARAMETERS).

Flags

A bitmask of activation flags. This is a bitwise OR value of the following.

FlagDescription
ACTIVATE_DISABLE_SIDSID authority will be disabled after activation.
ACTIVATE_IGNORE_POLICYActivate will ignore the global policy for security activation.

 

AuthKeyOffset

The offset from the beginning of the system buffer to the location of an AUTH_KEY structure.

Following ACTIVATE_REVERT_PARAMETERS in the system buffer is an AUTH_KEY structure. This holds the key data bytes for the authentication key. AUTH_KEY is declared in ehstorbandmgmt.h as the following.


typedef struct _AUTH_KEY
{
    ULONG   KeySize;
    UCHAR   Key[ANYSIZE_ARRAY];
} AUTH_KEY;

KeySize

The size of the key, in bytes, of the key data at Key. If KeySize is set to 0, a default key is used.

Key

A variable length byte array that contains the key data.

Output Parameters

None.

I/O Status Block

One of the following values can be returned in the Status field.

Status ValueDescription
STATUS_SUCCESSSecurity features on the storage device were activated.
STATUS_INVALID_DEVICE_REQUESTThe storage device does not support band management.
STATUS_INVALID_BUFFER_SIZEThe input buffer size is invalid.
STATUS_INVALID_PARAMETERInformation in the input buffer is invalid.
STATUS_ACCESS_DENIEDThe authentication key is invalid. Activation is denied.
STATUS_DEVICE_CONFIGURATION_ERRORThe system cannot configure the device in a supported mode.
STATUS_IO_DEVICE_ERRORCommunication failed. The storage device might be incompatible with security protocols.
STATUS_INVALID_DEVICE_STATEThe storage device is already activated.
STATUS_NOT_SUPPORTEDSecurity features on the device were not activated because of a Group Policy setting.

 

Remarks

If STATUS_SUCCESS is returned from this request, a driver or application can then send an IOCTL_EHSTOR_BANDMGMT_QUERY_CAPABILITIES request to retrieve the enabled band management capabilities of the device.

Before a successful return from IOCTL_EHSTOR_BANDMGMT_ACTIVATE, the device is not activated. Until the device is activated, the only band management IOCTL that will return successfully is IOCTL_EHSTOR_BANDMGMT_QUERY_CAPABILITIES. After activation, the remaining band management IOCTLs are available.

Activation of Enhanced Storage devices is controlled by the Group Policy settings of the system. The registry value at HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices\TCGSecurityActivationDisabled determines whether security activation is enabled. A REG_DWORD value of 0 allows security activation on the storage device. Otherwise, a value of 1 disables security activation and the IOCTL_EHSTOR_BANDMGMT_ACTIVATE request will return with STATUS_NOT_SUPPORTED.

Requirements

Version

Available starting with Windows 8.

Header

EhStorBandMgmt.h (include EhStorBandMgmt.h)

See also

IOCTL_EHSTOR_BANDMGMT_QUERY_CAPABILITIES
IOCTL_EHSTOR_BANDMGMT_REVERT

 

 

Send comments about this topic to Microsoft

顯示:
© 2014 Microsoft