
qcacld-3.0: Fix incorrect typecast in txrx_ops handlers

Currently the opaque context passed to txrx_ops handlers
is incorrectly typecast to dp_intf. The context being passed
is a dp_link handle. This leads to unwanted memory access.

Fix this by correctly typecasting the context passed to
all the txrx_ops handlers as dp_link handle.

Change-Id: I587b12056625bb68e86ecb54118bb2f6bfa62bd9
CRs-Fixed: 3569531
Rakesh Pillai 1 year ago
parent
commit
cd187812d3

+ 2 - 2
components/dp/core/inc/wlan_dp_txrx.h

@@ -284,7 +284,7 @@ QDF_STATUS wlan_dp_rx_deliver_to_stack(struct wlan_dp_intf *dp_intf,
 
 /**
  * dp_rx_thread_gro_flush_ind_cbk() - receive handler to flush GRO packets
- * @intf_ctx: pointer to DP interface context
+ * @link_ctx: pointer to DP interface context
  * @rx_ctx_id: RX CTX Id for which flush should happen
  *
  * Receive callback registered with DP layer which flushes GRO packets
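Review bot: The kernel-doc line `@link_ctx: pointer to DP interface context` renames the parameter but keeps the old description, while the commit message says the handler receives a dp_link handle. The description should match the new contract, for example ` * @link_ctx: pointer to DP link context`, so that a later caller does not pass a dp_intf pointer through the `void *` again. The comment block continues into the next hunk.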
@@ -293,7 +293,7 @@ QDF_STATUS wlan_dp_rx_deliver_to_stack(struct wlan_dp_intf *dp_intf,
  * Return: QDF_STATUS_E_FAILURE if any errors encountered,
  *	   QDF_STATUS_SUCCESS otherwise
  */
-QDF_STATUS dp_rx_thread_gro_flush_ind_cbk(void *intf_ctx, int rx_ctx_id);
+QDF_STATUS dp_rx_thread_gro_flush_ind_cbk(void *link_ctx, int rx_ctx_id);
 
 /**
  * dp_rx_pkt_thread_enqueue_cbk() - receive pkt handler to enqueue into thread

+ 15 - 5
components/dp/core/src/wlan_dp_txrx.c

@@ -210,7 +210,8 @@ dp_tx_rx_collect_connectivity_stats_info(qdf_nbuf_t nbuf, void *context,
 		enum connectivity_stats_pkt_status action, uint8_t *pkt_type)
 {
 	uint32_t pkt_type_bitmap;
-	struct wlan_dp_intf *dp_intf =  (struct  wlan_dp_intf *)context;
+	struct wlan_dp_link *dp_link = (struct wlan_dp_link *)context;
+	struct wlan_dp_intf *dp_intf = dp_link->dp_intf;
 
 	/* ARP tracking is done already. */
 	pkt_type_bitmap = dp_intf->pkt_type_bitmap;
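Review bot: `dp_link->dp_intf` is dereferenced in the initializer and `dp_intf->pkt_type_bitmap` is read right after it, with no NULL check on either pointer. The other two handlers changed in this file (`dp_mon_rx_packet_cbk` and `dp_rx_thread_gro_flush_ind_cbk`) both reject a NULL `dp_intf`. If a link can exist without an attached interface on this path (not visible here), this handler needs the same guard: assign `dp_intf` only after an `if (!dp_link || !dp_link->dp_intf)` early exit. The function's return type and the rest of its body are outside the hunk, so the exit value is left to the author.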
@@ -827,6 +828,7 @@ void dp_sta_notify_tx_comp_cb(qdf_nbuf_t nbuf, void *ctx, uint16_t flag)
 QDF_STATUS dp_mon_rx_packet_cbk(void *context, qdf_nbuf_t rxbuf)
 {
 	struct wlan_dp_intf *dp_intf;
+	struct wlan_dp_link *dp_link;
 	QDF_STATUS status;
 	qdf_nbuf_t nbuf;
 	qdf_nbuf_t nbuf_next;
@@ -839,7 +841,12 @@ QDF_STATUS dp_mon_rx_packet_cbk(void *context, qdf_nbuf_t rxbuf)
 		return QDF_STATUS_E_FAILURE;
 	}
 
-	dp_intf = (struct wlan_dp_intf *)context;
+	dp_link = (struct wlan_dp_link *)context;
+	dp_intf = dp_link->dp_intf;
+	if (!dp_intf) {
+		dp_err("dp_intf is NULL for dp_link %pK", dp_link);
+		return QDF_STATUS_E_FAILURE;
+	}
 
 	cpu_index = qdf_get_cpu();
 	stats = &dp_intf->dp_stats.tx_rx_stats;
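Review bot: The new `if (!dp_intf)` exit returns `QDF_STATUS_E_FAILURE` without consuming `rxbuf`, so whether the buffer chain is freed depends on the caller, which this hunk does not show. The existing failure return just above it behaves the same way, so this may be by convention; a one-line comment stating who owns `rxbuf` on failure would settle it. The `dp_link->dp_intf` load also relies on `context` having been validated by the check whose tail is visible at the top of the hunk. The function starts and continues outside the hunk.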
@@ -1320,16 +1327,19 @@ static inline void dp_tsf_timestamp_rx(struct wlan_dp_psoc_context *dp_ctx,
 #endif
 
 QDF_STATUS
-dp_rx_thread_gro_flush_ind_cbk(void *intf_ctx, int rx_ctx_id)
+dp_rx_thread_gro_flush_ind_cbk(void *link_ctx, int rx_ctx_id)
 {
-	struct wlan_dp_intf *dp_intf = intf_ctx;
+	struct wlan_dp_link *dp_link = link_ctx;
+	struct wlan_dp_intf *dp_intf;
 	enum dp_rx_gro_flush_code gro_flush_code = DP_RX_GRO_NORMAL_FLUSH;
 
-	if (qdf_unlikely((!dp_intf) || (!dp_intf->dp_ctx))) {
+	if (qdf_unlikely((!dp_link) || (!dp_link->dp_intf) ||
+			 (!dp_link->dp_intf->dp_ctx))) {
 		dp_err("Null params being passed");
 		return QDF_STATUS_E_FAILURE;
 	}
 
+	dp_intf = dp_link->dp_intf;
 	if (dp_intf->runtime_disable_rx_thread)
 		return QDF_STATUS_SUCCESS;
 
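Review bot: `dp_link->dp_intf` is loaded twice inside the NULL check and a third time for the assignment after it. If the link's interface pointer can change concurrently, the value checked is not guaranteed to be the value used (locking is not visible in this hunk). Reading it once keeps check and use on the same pointer: `dp_intf = dp_link ? dp_link->dp_intf : NULL;` followed by `if (qdf_unlikely(!dp_intf || !dp_intf->dp_ctx)) {`. The function body continues past the hunk.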

+ 1 - 1
components/dp/dispatcher/src/wlan_dp_ucfg_api.c

@@ -1050,7 +1050,7 @@ static QDF_STATUS wlan_dp_get_tsf_time(void *dp_link_ctx,
 	return QDF_STATUS_SUCCESS;
 }
 #else
-static QDF_STATUS wlan_dp_get_tsf_time(void *dp_intf_ctx,
+static QDF_STATUS wlan_dp_get_tsf_time(void *dp_link_ctx,
 				       uint64_t input_time,
 				       uint64_t *tsf_time)
 {