ansaurus

Question

How do they read clusters/cylinders/sectors from the disk?

Answer 1

+3 A:

Cylinders and sectors (wiki explanation) are largely obsoleted by the newer LBA (logical block addressing) scheme for addressing drives.

If you're curious about the history, use the Wikipedia article as a starting point. If you're just wondering how it works now, code is expected to simply use the LBA address (which works largely the same way as a file does - a linear array of bytes arranged in blocks)

Steven Schlansker 2010-05-20 19:38:31

@Steven Schlansker: Do they use any kind of API for this? Well, I'm not just curious I want a hands on experience. I want to write a simple application which displays each LBA.

claws 2010-05-20 19:55:14

Most likely if they claim to examine each cylinder, they mean they examine each block. Doing a linear scan of the disk will give you all possible information, and it doesn't really matter how it is addressed. If you want how to convert CHS notation to LBA, there is a fairly simple formula on the linked page.

Steven Schlansker 2010-05-20 20:26:24

Answer 2

+1 A:

On linux, as root, you can save your MBR like this (Assuming you drive is /dev/sda):

dd if=/dev/sda of=mbr bs=512 count=1

If you wanted to read 1Mb from you drive, starting at the 10th MB:

dd if=/dev/sda of=1Mb bs=1Mb count=1 skip=10

Nicolas Viennot 2010-05-20 19:58:51

+1 nice info. But doesn't answer my question. I want to programatically do it. Otherwise I would have asked this question on superuser.com

claws 2010-05-20 20:10:45

Programatically ? fd = open("/dev/sda", O_RDONLY); read(fd, mbr_buffer, 512);

Nicolas Viennot 2010-05-20 20:12:10

Answer 3

+3 A:

It's easy due to the magic of *nix special device files. You can open and read /dev/sda the same way you'd read any other file.

Just use open, lseek, read, write (or pread, pwrite). If you want to make sure you're physically fetching data from a drive and not from kernel buffers you can open with the flag O_DIRECT (though you must perform aligned reads/writes of 512 byte chunks for this to work).

Eric Seppanen 2010-05-20 21:02:19

@Eric Seppanen : And in windows?

claws 2010-05-20 21:32:38

Answer 4

+3 A:

For *nix, there have been already answers (/dev directory); for Windows, there are the special objects \\.\PhisicalDriveX, with X as the number of the drive, which can be opened using the normal CreateFile API. To actually perform reads or writes you have then to use the DeviceIoControl function.

More info can be found in "Physical Disks and Volumes" section of the CreateFile API documentation.

Matteo Italia 2010-05-20 21:56:24

To perform reads or writes simply call ReadFile and WriteFile (buffer must be aligned on sector size).

Sergius 2010-05-21 06:16:52

Answer 5

+1 A:

I'm the OP. I'm combining Eric Seppanen's & Matteo Italia's answers to make it complete.

*NIX Platforms:

It's easy due to the magic of *nix special device files. You can open and read /dev/sda the same way you'd read any other file.

Just use open, lseek, read, write (or pread, pwrite). If you want to make sure you're physically fetching data from a drive and not from kernel buffers you can open with the flag O_DIRECT (though you must perform aligned reads/writes of 512 byte chunks for this to work).

Windows Platform

For Windows, there are the special objects \\.\PhisicalDriveX, with X as the number of the drive, which can be opened using the normal CreateFile API. To perform reads or writes simply call ReadFile and WriteFile (buffer must be aligned on sector size).

More info can be found in "Physical Disks and Volumes" section of the CreateFile API documentation.

Alternatively you can also you DeviceIoControl function which sends a control code directly to a specified device driver, causing the corresponding device to perform the corresponding operation.

claws 2010-05-25 15:58:14

ansaurus

tags:

views:

answers:

How do they read clusters/cylinders/sectors from the disk?

related questions