A configured band on a storage device is deleted with the IOCTL_EHSTOR_BANDMGMT_DELETE_BAND request. An erase option in the input parameters allows the request to perform a cryptographic erase of the band data.

Input Parameters

The input buffer at Irp->AssociatedIrp.SystemBuffer must contain a DELETE_BAND_PARAMETERS and possibly an AUTH_KEY structure. Parameters.DeviceIoControl.InputBufferLength indicates the size, in bytes, of the buffer, which must be at least sizeof (DELETE_BAND_PARAMETERS) + sizeof(AUTH_KEY).

If the AuthKeyOffset member of DELETE_BAND_PARAMETERS is set to EHSTOR_BANDMGR_NO_KEY, the input data in the system buffer need not include an AUTH_KEY structure.

Output Parameters


I/O Status Block

One of the following values can be returned in the Status field.

Status ValueDescription
STATUS_SUCCESSThe band was successfully deleted.
STATUS_INVALID_DEVICE_REQUESTThe storage device does not support band management.
STATUS_INVALID_BUFFER_SIZEThe input buffer size is incorrect.
STATUS_INVALID_PARAMETERInformation in the input buffer is invalid.
STATUS_ACCESS_DENIEDThe authentication key is invalid or band is locked for writing.
STATUS_NOT_FOUNDThe band was not found for the selection criteria provided.
STATUS_IO_DEVICE_ERRORCommunication failed. The storage device might be incompatible with security protocols.



An authentication key is required to delete a band without performing an erase first. To request a band erase, the DELBAND_ERASE_BEFORE_DELETE flag is set in the Flags member of DELETE_BAND_PARAMETERS.

After a band delete, all LBAs contained in the deleted band are returned to the global band. The locking conditions for the global band now apply to the LBAs returned to the global band. The LBAs returned to the global band are now associated with the media key for the global band and encrypted data in those LBAs is unrecoverable.

The deleted band remains in the silo driver's band table but becomes unconfigured. The authentication key is reset to the default value, band and key metadata contains zeros, and the lock states revert to PERSISTENT_UNLOCK. The band is now available for reconfiguration with an IOCTL_EHSTOR_BANDMGMT_CREATE_BAND request.

Deleting a band without a cryptographic erase will not remove the encryption key for that band. It is possible to later create a band with the same configuration and band identifier as the deleted band. In this case, data previously stored in the band and not overwritten since the deletion of the previous band will be available. To avoid this situation, delete the band with the DELBAND_ERASE_BEFORE_DELETE flag set in DELETE_BAND_PARAMETERS.

The IOCTL_EHSTOR_BANDMGMT_DELETE_BAND will not delete the global band. A request to do so will return STATUS_INVALID_PARAMETER.



Available starting with Windows 8.


EhStorBandMgmt.h (include EhStorBandMgmt.h)

See also




Send comments about this topic to Microsoft