> We read the data from the user here and then we write it to the fifo
> in pi433_write(). We should be using the device->tx_fifo_lock so that
> we don't copy over the data at the same time we're writing it to the
> fifo.
Oh right, that makes the bug even worse.
In this case we don't even need
In the PI433_IOC_WR_TX_CFG case in pi433_ioctl, instance->tx_cfg is
modified using
copy_from_user(>tx_cfg, argp, sizeof(struct pi433_tx_cfg)))
without any kind of synchronization. In the case where two threads
would execute this same command concurrently the tx_cfg field might
enter in an