In iwx(4), fix wrong pointer assignment in iwx_bar_frame_release().
This bug caused the driver to read block ack request information sent
by firmware from the wrong offset. The driver flushes buffered frames
and moves its Rx block ack window based on this information. Possible
consequences of this bug are packet loss or even stalled traffic if
the Rx BA window gets out of sync between driver and firmware. Though
this effect might get cancelled out when the driver re-syncs the BA
window in its regular Rx code path.
Spotted by Christian Ehrhardt.
projects / openbsd / commit