Not that it really matters, but this will now fail for no good reason if
you pass it a half-gigabyte area due to overflow.
Of course, if you pass it a half gig memory array, you're a f*cking moron
to begin with, so I don't think anybody really _cares_. But in general,
when checking system call arguments, I'd like people to think about
overflow issues more.
In this case it doesn't matter, and overflow just makes the test more
conservative than they need to be, but when it _does_ matter it often ends
up being a security issue.
nr_cpu_ids is a signed integer which turns the DIV_ROUND_UP into a somewhat
suboptimal instruction sequence. (havent checked it though)
So i'd suggest changing nr_cpu_ids to unsigned int [unless there's some strong
reason to have it signed] plus doing something like:
if (len < (nr_cpu_ids >> BITS_PER_BYTE_BITS))
ought to both result in better code and should be more readable. We'd have to
#define BITS_PER_BYTE_BITS 3
It really should round up.
If you worry about code generation, I'd suggest looking at whether
nr_cpu_ids could just be made unsigned.
Anyway, this all was _not_ the point of my original email. I really don't
care about this particular instance. I care more about the whole "in
general people should think _way_ more about validating user-supplied
arguments than clearly happened this time".