tags:

views:

66

answers:

5
+2  Q: 

Is there a way to directly query the file system device driver for listing out the files in a directory ?

Hi,

I'm currently using FindFirstFile, FindNextFile API to recursively iterate through directories for searching files based on a given criteria. I noticed that "dir /s" command gives better performance than my program. I'm tried checking out the events in process monitor and it looks like cmd.exe/dir command is directly querying the disk device driver. Is there any way I can achieve some thing similar with DeviceIOControl() ?. I'm very new to device drivers though not new to programming. Attaching procmon output for reference:

alt text

Regards,

+3  A: 

Use FindFirstFile and FindNextFile. That's the API, using DeviceIOControl directly is either a mess or not possible (don't know exactly).

Have you tried FindFirstFileEx and it's FIND_FIRST_EX_LARGE_FETCH flag and FindExInfoBasic info level?

Michael  2010-08-30 20:11:14
I did try them. But not much of noticeable improvement :(.
ivymike  2010-08-30 20:49:52
+1  A: 

You can call ZwQueryDirectoryFile directly. Going further down to the driver level would require sending a bunch of IRPs and would probably be an overkill.

Eugene Mayevski 'EldoS Corp  2010-08-30 20:12:19
It's NtQueryDirectoryFile in User-Mode, and you really shouldn't use these low-level-nt-api functions ...
Christopher  2010-08-30 20:18:32
:)) That's the same (under different names).From MSDN: NtQueryDirectoryFile and ZwQueryDirectoryFile are two versions of the same Windows Native System Services routine. For more information about this routine, see ZwQueryDirectoryFile.So it makes sense to start reading docs from the link I provided. One click less, you know ...
Eugene Mayevski 'EldoS Corp  2010-08-30 20:39:40
@Eugene Mayevski 'EldoS: Is it possible to call Kernel mode API from user mode programs ? I mean aren't the ones starting with Zwxxx supposed to be used only by drivers ?(I'm very new to driver programming).
ivymike  2010-08-30 20:57:26
As Christopher correctly mentioned, you would need to use another name of the same function, namely NtQueryDirectoryFile. But this is the same function.
Eugene Mayevski 'EldoS Corp  2010-08-30 21:10:30
@ivymike Read this: http://www.osronline.com/article.cfm?id=257
snoone  2010-09-02 15:38:32
+1  A: 

"dir /s" is using FindFirst/Next. It doesn't do any special magic to enumerate the files.

QueryDirectory appears to be how Procmon exposes what FindFirst/Next does to get its data from the file system.

jrtipton  2010-08-30 20:21:54
+1  A: 

http://ntfs-search.sourceforge.net/

It works well. And faster.
It opens a volume, and parses directly.

But it only works on NTFS.

Benjamin  2010-08-30 23:09:21
Thanks Benjamin. That looks very interesting.
ivymike  2010-08-31 05:17:38
+1  A: 

Profile your app, your bottleneck is likely to be elswhere. Some of these options are like taking out a shotgun to shoot a fly...

-scott

snoone  2010-09-02 15:41:42

related questions

Verifying files for testing
How do you create your own moniker (URL Protocol) on Windows systems?
Windows Equivalent of 'nice'
Is this a good way to determine OS Architecture?
Dual vs. Quadcore on a Webserver
Is there a WMI Redistributable Package?
PHP Error - Uploading a file
Ruby On Rails with Windows Vista - Best Setup?
OpenVPN Config file to prevent timeout
How can I create Debian install packages in Windows for a Visual Studio project?
How do I configure and communicate with a serial port?
What's the best setup for Mono development on Windows?
Appropriate pagefile size for SQL Server
XML Editing/Viewing Software
Linux shell equivalent on IIS
What is a better file copy alternative than the Windows default?
Windows Help files - what are the options?
Heap corruption under Win32; how to locate?
Best way to access Exchange using PHP?
Get a preview jpeg of a pdf on windows?
WinForms ComboBox data binding gotcha
How do you schedule tasks in Windows?
Register Windows program with the mailto protocol programmatically
Embedding Windows Media Player for all Browsers
Best Subversion clients for Windows Vista (64bit)