IOCTL_EHSTOR_BANDMGMT_ACTIVATE IOCTL (ehstorbandmgmt.h)
This IOCTL_EHSTOR_BANDMGMT_ACTIVATE request is sent to activate the security features and band management on a storage device. The request includes activation options and the authentication key.
Major code
Input buffer
The input buffer at Irp->AssociatedIrp.SystemBuffer contains an ACTIVATE_REVERT_PARAMETERS structure. ACTIVATE_REVERT_PARAMETERS is declared in ehstorbandmgmt.h as the following.
typedef struct _ACTIVATE_REVERT_PARAMETERS
{
ULONG StructSize;
ULONG Flags;
ULONG AuthKeyOffset;
} ACTIVATE_REVERT_PARAMETERS;
Following ACTIVATE_REVERT_PARAMETERS in the system buffer is an AUTH_KEY structure. This holds the key data bytes for the authentication key. AUTH_KEY is declared in ehstorbandmgmt.h as the following.
typedef struct _AUTH_KEY
{
ULONG KeySize;
UCHAR Key[ANYSIZE_ARRAY];
} AUTH_KEY;
Input buffer length
The length of an ACTIVATE_REVERT_PARAMETERS structure.
Output buffer
None.
Output buffer length
None.
Status block
One of the following values can be returned in the Status field.
| Status Value | Description |
|---|---|
| STATUS_SUCCESS | Security features on the storage device were activated. |
| STATUS_INVALID_DEVICE_REQUEST | The storage device does not support band management. |
| STATUS_INVALID_BUFFER_SIZE | The input buffer size is invalid. |
| STATUS_INVALID_PARAMETER | Information in the input buffer is invalid. |
| STATUS_ACCESS_DENIED | The authentication key is invalid. Activation is denied. |
| STATUS_DEVICE_CONFIGURATION_ERROR | The system cannot configure the device in a supported mode. |
| STATUS_IO_DEVICE_ERROR | Communication failed. The storage device might be incompatible with security protocols. |
| STATUS_INVALID_DEVICE_STATE | The storage device is already activated. |
| STATUS_NOT_SUPPORTED | Security features on the device were not activated because of a Group Policy setting. |
Remarks
If STATUS_SUCCESS is returned from this request, a driver or application can then send an IOCTL_EHSTOR_BANDMGMT_QUERY_CAPABILITIES request to retrieve the enabled band management capabilities of the device.
Before a successful return from IOCTL_EHSTOR_BANDMGMT_ACTIVATE, the device is not activated. Until the device is activated, the only band management IOCTL that will return successfully is IOCTL_EHSTOR_BANDMGMT_QUERY_CAPABILITIES. After activation, the remaining band management IOCTLs are available.
Activation of Enhanced Storage devices is controlled by the Group Policy settings of the system. The registry value at HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices\TCGSecurityActivationDisabled determines whether security activation is enabled. A REG_DWORD value of 0 allows security activation on the storage device. Otherwise, a value of 1 disables security activation and the IOCTL_EHSTOR_BANDMGMT_ACTIVATE request will return with STATUS_NOT_SUPPORTED.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Available starting with Windows 8. |
| Header | ehstorbandmgmt.h (include EhStorBandMgmt.h) |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for