1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 1989, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright 2015 Joyent, Inc.
25 */
26
27 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
28 /* All Rights Reserved */
29
30 #include <sys/types.h>
31 #include <sys/param.h>
32 #include <sys/sysmacros.h>
33 #include <sys/proc.h>
34 #include <sys/kmem.h>
35 #include <sys/tuneable.h>
36 #include <sys/var.h>
37 #include <sys/cred.h>
38 #include <sys/systm.h>
39 #include <sys/prsystm.h>
40 #include <sys/vnode.h>
41 #include <sys/session.h>
42 #include <sys/cpuvar.h>
43 #include <sys/cmn_err.h>
44 #include <sys/bitmap.h>
45 #include <sys/debug.h>
46 #include <c2/audit.h>
47 #include <sys/project.h>
48 #include <sys/task.h>
49 #include <sys/zone.h>
50
51 /* directory entries for /proc */
52 union procent {
53 proc_t *pe_proc;
54 union procent *pe_next;
55 };
56
57 struct pid pid0 = {
58 0, /* pid_prinactive */
59 1, /* pid_pgorphaned */
60 0, /* pid_padding */
61 0, /* pid_prslot */
62 0, /* pid_id */
63 NULL, /* pid_pglink */
64 NULL, /* pid_pgtail */
65 NULL, /* pid_link */
66 3 /* pid_ref */
67 };
68
69 static int pid_hashlen = 4; /* desired average hash chain length */
70 static int pid_hashsz; /* number of buckets in the hash table */
71
72 #define HASHPID(pid) (pidhash[((pid)&(pid_hashsz-1))])
73
74 extern uint_t nproc;
75 extern struct kmem_cache *process_cache;
76 static void upcount_init(void);
77
78 kmutex_t pidlock; /* global process lock */
79 kmutex_t pr_pidlock; /* /proc global process lock */
80 kcondvar_t *pr_pid_cv; /* for /proc, one per process slot */
81 struct plock *proc_lock; /* persistent array of p_lock's */
82
83 /*
84 * See the comment above pid_getlockslot() for a detailed explanation of this
85 * constant. Note that a PLOCK_SHIFT of 3 implies 64-byte coherence
86 * granularity; if the coherence granularity is ever changed, this constant
87 * should be modified to reflect the change to minimize proc_lock false
88 * sharing (correctness, however, is guaranteed regardless of the coherence
89 * granularity).
90 */
91 #define PLOCK_SHIFT 3
92
93 static kmutex_t pidlinklock;
94 static struct pid **pidhash;
95 static pid_t minpid;
96 static pid_t mpid = FAMOUS_PIDS; /* one more than the last famous pid */
97 static union procent *procdir;
98 static union procent *procentfree;
99
100 static struct pid *
101 pid_lookup(pid_t pid)
102 {
103 struct pid *pidp;
104
105 ASSERT(MUTEX_HELD(&pidlinklock));
106
107 for (pidp = HASHPID(pid); pidp; pidp = pidp->pid_link) {
108 if (pidp->pid_id == pid) {
109 ASSERT(pidp->pid_ref > 0);
110 break;
111 }
112 }
113 return (pidp);
114 }
115
116 struct pid *
117 pid_find(pid_t pid)
118 {
119 struct pid *pidp;
120
121 mutex_enter(&pidlinklock);
122 pidp = pid_lookup(pid);
123 mutex_exit(&pidlinklock);
124
125 return (pidp);
126 }
127
128 void
129 pid_setmin(void)
130 {
131 if (jump_pid && jump_pid > mpid)
132 minpid = mpid = jump_pid;
133 else
134 minpid = mpid;
135 }
136
137 /*
138 * When prslots are simply used as an index to determine a process' p_lock,
139 * adjacent prslots share adjacent p_locks. On machines where the size
140 * of a mutex is smaller than that of a cache line (which, as of this writing,
141 * is true for all machines on which Solaris runs), this can potentially
142 * induce false sharing. The standard solution for false sharing is to pad
143 * out one's data structures (in this case, struct plock). However,
144 * given the size and (generally) sparse use of the proc_lock array, this
145 * is suboptimal. We therefore stride through the proc_lock array with
146 * a stride of PLOCK_SHIFT. PLOCK_SHIFT should be defined as:
147 *
148 * log_2 (coherence_granularity / sizeof (kmutex_t))
149 *
150 * Under this scheme, false sharing is still possible -- but only when
151 * the number of active processes is very large. Note that the one-to-one
152 * mapping between prslots and lockslots is maintained.
153 */
154 static int
155 pid_getlockslot(int prslot)
156 {
157 int even = (v.v_proc >> PLOCK_SHIFT) << PLOCK_SHIFT;
158 int perlap = even >> PLOCK_SHIFT;
159
160 if (prslot >= even)
161 return (prslot);
162
163 return (((prslot % perlap) << PLOCK_SHIFT) + (prslot / perlap));
164 }
165
166 /*
167 * This function allocates a pid structure, a free pid, and optionally a
168 * slot in the proc table for it.
169 *
170 * pid_allocate() returns the new pid on success, -1 on failure.
171 */
172 pid_t
173 pid_allocate(proc_t *prp, pid_t pid, int flags)
174 {
175 struct pid *pidp;
176 union procent *pep;
177 pid_t newpid, startpid;
178
179 pidp = kmem_zalloc(sizeof (struct pid), KM_SLEEP);
180
181 mutex_enter(&pidlinklock);
182 if ((flags & PID_ALLOC_PROC) && (pep = procentfree) == NULL) {
183 /*
184 * ran out of /proc directory entries
185 */
186 goto failed;
187 }
188
189 if (pid != 0) {
190 VERIFY(minpid == 0);
191 VERIFY3P(pid, <, mpid);
192 VERIFY3P(pid_lookup(pid), ==, NULL);
193 newpid = pid;
194 } else {
195 /*
196 * Allocate a pid
197 */
198 ASSERT(minpid <= mpid && mpid < maxpid);
199
200 startpid = mpid;
201 for (;;) {
202 newpid = mpid;
203 if (++mpid == maxpid)
204 mpid = minpid;
205
206 if (pid_lookup(newpid) == NULL)
207 break;
208
209 if (mpid == startpid)
210 goto failed;
211 }
212 }
213
214 /*
215 * Put pid into the pid hash table.
216 */
217 pidp->pid_link = HASHPID(newpid);
218 HASHPID(newpid) = pidp;
219 pidp->pid_ref = 1;
220 pidp->pid_id = newpid;
221
222 if (flags & PID_ALLOC_PROC) {
223 procentfree = pep->pe_next;
224 pidp->pid_prslot = pep - procdir;
225 pep->pe_proc = prp;
226 prp->p_pidp = pidp;
227 prp->p_lockp = &proc_lock[pid_getlockslot(pidp->pid_prslot)];
228 } else {
229 pidp->pid_prslot = 0;
230 }
231
232 mutex_exit(&pidlinklock);
233
234 return (newpid);
235
236 failed:
237 mutex_exit(&pidlinklock);
238 kmem_free(pidp, sizeof (struct pid));
239 return (-1);
240 }
241
242 /*
243 * decrement the reference count for pid
244 */
245 int
246 pid_rele(struct pid *pidp)
247 {
248 struct pid **pidpp;
249
250 mutex_enter(&pidlinklock);
251 ASSERT(pidp != &pid0);
252
253 pidpp = &HASHPID(pidp->pid_id);
254 for (;;) {
255 ASSERT(*pidpp != NULL);
256 if (*pidpp == pidp)
257 break;
258 pidpp = &(*pidpp)->pid_link;
259 }
260
261 *pidpp = pidp->pid_link;
262 mutex_exit(&pidlinklock);
263
264 kmem_free(pidp, sizeof (*pidp));
265 return (0);
266 }
267
268 void
269 proc_entry_free(struct pid *pidp)
270 {
271 mutex_enter(&pidlinklock);
272 pidp->pid_prinactive = 1;
273 procdir[pidp->pid_prslot].pe_next = procentfree;
274 procentfree = &procdir[pidp->pid_prslot];
275 mutex_exit(&pidlinklock);
276 }
277
278 /*
279 * The original task needs to be passed in since the process has already been
280 * detached from the task at this point in time.
281 */
282 void
283 pid_exit(proc_t *prp, struct task *tk)
284 {
285 struct pid *pidp;
286 zone_t *zone = prp->p_zone;
287
288 ASSERT(MUTEX_HELD(&pidlock));
289
290 /*
291 * Exit process group. If it is NULL, it's because fork failed
292 * before calling pgjoin().
293 */
294 ASSERT(prp->p_pgidp != NULL || prp->p_stat == SIDL);
295 if (prp->p_pgidp != NULL)
296 pgexit(prp);
297
298 sess_rele(prp->p_sessp, B_TRUE);
299
300 pidp = prp->p_pidp;
301
302 proc_entry_free(pidp);
303
304 if (audit_active)
305 audit_pfree(prp);
306
307 if (practive == prp) {
308 practive = prp->p_next;
309 }
310
311 if (prp->p_next) {
312 prp->p_next->p_prev = prp->p_prev;
313 }
314 if (prp->p_prev) {
315 prp->p_prev->p_next = prp->p_next;
316 }
317
318 PID_RELE(pidp);
319
320 mutex_destroy(&prp->p_crlock);
321 kmem_cache_free(process_cache, prp);
322 nproc--;
323
324 /*
325 * Decrement the process counts of the original task, project and zone.
326 */
327 mutex_enter(&zone->zone_nlwps_lock);
328 tk->tk_nprocs--;
329 tk->tk_proj->kpj_nprocs--;
330 zone->zone_nprocs--;
331 mutex_exit(&zone->zone_nlwps_lock);
332 }
333
334 /*
335 * Find a process visible from the specified zone given its process ID.
336 */
337 proc_t *
338 prfind_zone(pid_t pid, zoneid_t zoneid)
339 {
340 struct pid *pidp;
341 proc_t *p;
342
343 ASSERT(MUTEX_HELD(&pidlock));
344
345 mutex_enter(&pidlinklock);
346 pidp = pid_lookup(pid);
347 mutex_exit(&pidlinklock);
348 if (pidp != NULL && pidp->pid_prinactive == 0) {
349 p = procdir[pidp->pid_prslot].pe_proc;
350 if (zoneid == ALL_ZONES || p->p_zone->zone_id == zoneid)
351 return (p);
352 }
353 return (NULL);
354 }
355
356 /*
357 * Find a process given its process ID. This obeys zone restrictions,
358 * so if the caller is in a non-global zone it won't find processes
359 * associated with other zones. Use prfind_zone(pid, ALL_ZONES) to
360 * bypass this restriction.
361 */
362 proc_t *
363 prfind(pid_t pid)
364 {
365 zoneid_t zoneid;
366
367 if (INGLOBALZONE(curproc))
368 zoneid = ALL_ZONES;
369 else
370 zoneid = getzoneid();
371 return (prfind_zone(pid, zoneid));
372 }
373
374 proc_t *
375 pgfind_zone(pid_t pgid, zoneid_t zoneid)
376 {
377 struct pid *pidp;
378
379 ASSERT(MUTEX_HELD(&pidlock));
380
381 mutex_enter(&pidlinklock);
382 pidp = pid_lookup(pgid);
383 mutex_exit(&pidlinklock);
384 if (pidp != NULL) {
385 proc_t *p = pidp->pid_pglink;
386
387 if (zoneid == ALL_ZONES || pgid == 0 || p == NULL ||
388 p->p_zone->zone_id == zoneid)
389 return (p);
390 }
391 return (NULL);
392 }
393
394 /*
395 * return the head of the list of processes whose process group ID is 'pgid',
396 * or NULL, if no such process group
397 */
398 proc_t *
399 pgfind(pid_t pgid)
400 {
401 zoneid_t zoneid;
402
403 if (INGLOBALZONE(curproc))
404 zoneid = ALL_ZONES;
405 else
406 zoneid = getzoneid();
407 return (pgfind_zone(pgid, zoneid));
408 }
409
410 /*
411 * Sets P_PR_LOCK on a non-system process. Process must be fully created
412 * and not exiting to succeed.
413 *
414 * Returns 0 on success.
415 * Returns 1 if P_PR_LOCK is set.
416 * Returns -1 if proc is in invalid state.
417 */
418 int
419 sprtrylock_proc(proc_t *p)
420 {
421 ASSERT(MUTEX_HELD(&p->p_lock));
422
423 /* skip system and incomplete processes */
424 if (p->p_stat == SIDL || p->p_stat == SZOMB ||
425 (p->p_flag & (SSYS | SEXITING | SEXITLWPS))) {
426 return (-1);
427 }
428
429 if (p->p_proc_flag & P_PR_LOCK)
430 return (1);
431
432 p->p_proc_flag |= P_PR_LOCK;
433 THREAD_KPRI_REQUEST();
434
435 return (0);
436 }
437
438 /*
439 * Wait for P_PR_LOCK to become clear. Returns with p_lock dropped,
440 * and the proc pointer no longer valid, as the proc may have exited.
441 */
442 void
443 sprwaitlock_proc(proc_t *p)
444 {
445 kmutex_t *mp;
446
447 ASSERT(MUTEX_HELD(&p->p_lock));
448 ASSERT(p->p_proc_flag & P_PR_LOCK);
449
450 /*
451 * p_lock is persistent, but p itself is not -- it could
452 * vanish during cv_wait(). Load p->p_lock now so we can
453 * drop it after cv_wait() without referencing p.
454 */
455 mp = &p->p_lock;
456 cv_wait(&pr_pid_cv[p->p_slot], mp);
457 mutex_exit(mp);
458 }
459
460 /*
461 * If pid exists, find its proc, acquire its p_lock and mark it P_PR_LOCK.
462 * Returns the proc pointer on success, NULL on failure. sprlock() is
463 * really just a stripped-down version of pr_p_lock() to allow practive
464 * walkers like dofusers() and dumpsys() to synchronize with /proc.
465 */
466 proc_t *
467 sprlock_zone(pid_t pid, zoneid_t zoneid)
468 {
469 proc_t *p;
470 int ret;
471
472 for (;;) {
473 mutex_enter(&pidlock);
474 if ((p = prfind_zone(pid, zoneid)) == NULL) {
475 mutex_exit(&pidlock);
476 return (NULL);
477 }
478 mutex_enter(&p->p_lock);
479 mutex_exit(&pidlock);
480
481 if (panicstr)
482 return (p);
483
484 ret = sprtrylock_proc(p);
485 if (ret == -1) {
486 mutex_exit(&p->p_lock);
487 return (NULL);
488 } else if (ret == 0) {
489 break;
490 }
491 sprwaitlock_proc(p);
492 }
493 return (p);
494 }
495
496 proc_t *
497 sprlock(pid_t pid)
498 {
499 zoneid_t zoneid;
500
501 if (INGLOBALZONE(curproc))
502 zoneid = ALL_ZONES;
503 else
504 zoneid = getzoneid();
505 return (sprlock_zone(pid, zoneid));
506 }
507
508 void
509 sprlock_proc(proc_t *p)
510 {
511 ASSERT(MUTEX_HELD(&p->p_lock));
512
513 while (p->p_proc_flag & P_PR_LOCK) {
514 cv_wait(&pr_pid_cv[p->p_slot], &p->p_lock);
515 }
516
517 p->p_proc_flag |= P_PR_LOCK;
518 THREAD_KPRI_REQUEST();
519 }
520
521 void
522 sprunlock(proc_t *p)
523 {
524 if (panicstr) {
525 mutex_exit(&p->p_lock);
526 return;
527 }
528
529 ASSERT(p->p_proc_flag & P_PR_LOCK);
530 ASSERT(MUTEX_HELD(&p->p_lock));
531
532 cv_signal(&pr_pid_cv[p->p_slot]);
533 p->p_proc_flag &= ~P_PR_LOCK;
534 mutex_exit(&p->p_lock);
535 THREAD_KPRI_RELEASE();
536 }
537
538 /*
539 * Undo effects of sprlock but without dropping p->p_lock
540 */
541 void
542 sprunprlock(proc_t *p)
543 {
544 ASSERT(p->p_proc_flag & P_PR_LOCK);
545 ASSERT(MUTEX_HELD(&p->p_lock));
546
547 cv_signal(&pr_pid_cv[p->p_slot]);
548 p->p_proc_flag &= ~P_PR_LOCK;
549 THREAD_KPRI_RELEASE();
550 }
551
552 void
553 pid_init(void)
554 {
555 int i;
556
557 pid_hashsz = 1 << highbit(v.v_proc / pid_hashlen);
558
559 pidhash = kmem_zalloc(sizeof (struct pid *) * pid_hashsz, KM_SLEEP);
560 procdir = kmem_alloc(sizeof (union procent) * v.v_proc, KM_SLEEP);
561 pr_pid_cv = kmem_zalloc(sizeof (kcondvar_t) * v.v_proc, KM_SLEEP);
562 proc_lock = kmem_zalloc(sizeof (struct plock) * v.v_proc, KM_SLEEP);
563
564 nproc = 1;
565 practive = proc_sched;
566 proc_sched->p_next = NULL;
567 procdir[0].pe_proc = proc_sched;
568
569 procentfree = &procdir[1];
570 for (i = 1; i < v.v_proc - 1; i++)
571 procdir[i].pe_next = &procdir[i+1];
572 procdir[i].pe_next = NULL;
573
574 HASHPID(0) = &pid0;
575
576 upcount_init();
577 }
578
579 proc_t *
580 pid_entry(int slot)
581 {
582 union procent *pep;
583 proc_t *prp;
584
585 ASSERT(MUTEX_HELD(&pidlock));
586 ASSERT(slot >= 0 && slot < v.v_proc);
587
588 pep = procdir[slot].pe_next;
589 if (pep >= procdir && pep < &procdir[v.v_proc])
590 return (NULL);
591 prp = procdir[slot].pe_proc;
592 if (prp != 0 && prp->p_stat == SIDL)
593 return (NULL);
594 return (prp);
595 }
596
597 /*
598 * Send the specified signal to all processes whose process group ID is
599 * equal to 'pgid'
600 */
601
602 void
603 signal(pid_t pgid, int sig)
604 {
605 struct pid *pidp;
606 proc_t *prp;
607
608 mutex_enter(&pidlock);
609 mutex_enter(&pidlinklock);
610 if (pgid == 0 || (pidp = pid_lookup(pgid)) == NULL) {
611 mutex_exit(&pidlinklock);
612 mutex_exit(&pidlock);
613 return;
614 }
615 mutex_exit(&pidlinklock);
616 for (prp = pidp->pid_pglink; prp; prp = prp->p_pglink) {
617 mutex_enter(&prp->p_lock);
618 sigtoproc(prp, NULL, sig);
619 mutex_exit(&prp->p_lock);
620 }
621 mutex_exit(&pidlock);
622 }
623
624 /*
625 * Send the specified signal to the specified process
626 */
627
628 void
629 prsignal(struct pid *pidp, int sig)
630 {
631 if (!(pidp->pid_prinactive))
632 psignal(procdir[pidp->pid_prslot].pe_proc, sig);
633 }
634
635 #include <sys/sunddi.h>
636
637 /*
638 * DDI/DKI interfaces for drivers to send signals to processes
639 */
640
641 /*
642 * obtain an opaque reference to a process for signaling
643 */
644 void *
645 proc_ref(void)
646 {
647 struct pid *pidp;
648
649 mutex_enter(&pidlock);
650 pidp = curproc->p_pidp;
651 PID_HOLD(pidp);
652 mutex_exit(&pidlock);
653
654 return (pidp);
655 }
656
657 /*
658 * release a reference to a process
659 * - a process can exit even if a driver has a reference to it
660 * - one proc_unref for every proc_ref
661 */
662 void
663 proc_unref(void *pref)
664 {
665 mutex_enter(&pidlock);
666 PID_RELE((struct pid *)pref);
667 mutex_exit(&pidlock);
668 }
669
670 /*
671 * send a signal to a process
672 *
673 * - send the process the signal
674 * - if the process went away, return a -1
675 * - if the process is still there return 0
676 */
677 int
678 proc_signal(void *pref, int sig)
679 {
680 struct pid *pidp = pref;
681
682 prsignal(pidp, sig);
683 return (pidp->pid_prinactive ? -1 : 0);
684 }
685
686
687 static struct upcount **upc_hash; /* a boot time allocated array */
688 static ulong_t upc_hashmask;
689 #define UPC_HASH(x, y) ((ulong_t)(x ^ y) & upc_hashmask)
690
691 /*
692 * Get us off the ground. Called once at boot.
693 */
694 void
695 upcount_init(void)
696 {
697 ulong_t upc_hashsize;
698
699 /*
700 * An entry per MB of memory is our current guess
701 */
702 /*
703 * 2^20 is a meg, so shifting right by 20 - PAGESHIFT
704 * converts pages to megs (without overflowing a u_int
705 * if you have more than 4G of memory, like ptob(physmem)/1M
706 * would).
707 */
708 upc_hashsize = (1 << highbit(physmem >> (20 - PAGESHIFT)));
709 upc_hashmask = upc_hashsize - 1;
710 upc_hash = kmem_zalloc(upc_hashsize * sizeof (struct upcount *),
711 KM_SLEEP);
712 }
713
714 /*
715 * Increment the number of processes associated with a given uid and zoneid.
716 */
717 void
718 upcount_inc(uid_t uid, zoneid_t zoneid)
719 {
720 struct upcount **upc, **hupc;
721 struct upcount *new;
722
723 ASSERT(MUTEX_HELD(&pidlock));
724 new = NULL;
725 hupc = &upc_hash[UPC_HASH(uid, zoneid)];
726 top:
727 upc = hupc;
728 while ((*upc) != NULL) {
729 if ((*upc)->up_uid == uid && (*upc)->up_zoneid == zoneid) {
730 (*upc)->up_count++;
731 if (new) {
732 /*
733 * did not need `new' afterall.
734 */
735 kmem_free(new, sizeof (*new));
736 }
737 return;
738 }
739 upc = &(*upc)->up_next;
740 }
741
742 /*
743 * There is no entry for this <uid,zoneid> pair.
744 * Allocate one. If we have to drop pidlock, check
745 * again.
746 */
747 if (new == NULL) {
748 new = (struct upcount *)kmem_alloc(sizeof (*new), KM_NOSLEEP);
749 if (new == NULL) {
750 mutex_exit(&pidlock);
751 new = (struct upcount *)kmem_alloc(sizeof (*new),
752 KM_SLEEP);
753 mutex_enter(&pidlock);
754 goto top;
755 }
756 }
757
758
759 /*
760 * On the assumption that a new user is going to do some
761 * more forks, put the new upcount structure on the front.
762 */
763 upc = hupc;
764
765 new->up_uid = uid;
766 new->up_zoneid = zoneid;
767 new->up_count = 1;
768 new->up_next = *upc;
769
770 *upc = new;
771 }
772
773 /*
774 * Decrement the number of processes a given uid and zoneid has.
775 */
776 void
777 upcount_dec(uid_t uid, zoneid_t zoneid)
778 {
779 struct upcount **upc;
780 struct upcount *done;
781
782 ASSERT(MUTEX_HELD(&pidlock));
783
784 upc = &upc_hash[UPC_HASH(uid, zoneid)];
785 while ((*upc) != NULL) {
786 if ((*upc)->up_uid == uid && (*upc)->up_zoneid == zoneid) {
787 (*upc)->up_count--;
788 if ((*upc)->up_count == 0) {
789 done = *upc;
790 *upc = (*upc)->up_next;
791 kmem_free(done, sizeof (*done));
792 }
793 return;
794 }
795 upc = &(*upc)->up_next;
796 }
797 cmn_err(CE_PANIC, "decr_upcount-off the end");
798 }
799
800 /*
801 * Returns the number of processes a uid has.
802 * Non-existent uid's are assumed to have no processes.
803 */
804 int
805 upcount_get(uid_t uid, zoneid_t zoneid)
806 {
807 struct upcount *upc;
808
809 ASSERT(MUTEX_HELD(&pidlock));
810
811 upc = upc_hash[UPC_HASH(uid, zoneid)];
812 while (upc != NULL) {
813 if (upc->up_uid == uid && upc->up_zoneid == zoneid) {
814 return (upc->up_count);
815 }
816 upc = upc->up_next;
817 }
818 return (0);
819 }