SBC-4 wording on SANITIZE command behavior

John Geldman (jgeldman) jgeldman at
Tue Jan 6 11:32:13 PST 2015

Formatted message: <a href="">HTML-formatted message</a>

Does the restriction description in the model clause (pdf page 64 in sbc4r04)
cover this? (see 4.11.1)

Note the last sentence in the third paragraph (more included for background)

An application client may request that a sanitize operation be performed in
the restricted completion mode or the unrestricted completion mode (see
4.11.3) using the AUSE bit in the SANITIZE command (see 5.24).

In the unrestricted completion mode, a SANITIZE command with the EXIT FAILURE
MODE service action exits a failed sanitize operation.

In the restricted completion mode, the only method to exit a failed sanitize
operation is for a SANITIZE command to request another sanitize operation and
for that operation to complete without error. If a sanitize operation in the
restricted completion mode completes with an error, and a subsequent SANITIZE
command requests the unrestricted completion mode (i.e., the AUSE bit set to
one), then the device server shall terminate that SANITIZE command as
described in 5.24.1.

Happy New Year,


John Geldman

Director, Industry Standards

Micron Semiconductor

540 Alder Drive

Milpitas, CA 95035

Phone:	1-408-822-0348

Mobile: 1-510-449-3597

email:jgeldman at

From: owner-t10 at [mailto:owner-t10 at] On Behalf Of Gerry Houlder

Sent: Tuesday, January 06, 2015 7:29 AM

To: T10 Reflector

Subject: SBC-4 wording on SANITIZE command behavior

This is text in the SANITIZE command describing response to AUSE bit=0.


a) the AUSE bit is set to zero in the SANITIZE command that requested a
sanitize operation;

b) the specified sanitize operation completes with an error; and

c) a subsequent SANITIZE command with the EXIT FAILURE MODE service action is

then the device sever shall terminate that subsequent SANITIZE command with
CHECK CONDITION status with the sense key set to ILLEGAL REQUEST and the
additional sense code set to INVALID FIELD IN CDB.

I recall discussion of a sanitize failure with AUSE=0 that a subsequent
SANITIZE with an option other than EXIT FAILURE MODE also had to have AUSE=0
in order to be accepted by the device server. i thought we intended that a
subsequent SANITIZE command with AUSE=1 would also result in illegal request
but i can't find any words to that effect. Did we intentionally drop that
requirement or did we forget to add that requirement? Or is it somewhere else
and i just didn't find it?

More information about the T10 mailing list