From 72594436cee84f9de3344faa0b90274df10a18fe Mon Sep 17 00:00:00 2001
From: Michal Mielewczyk <michal.mielewczyk@huawei.com>
Date: Wed, 20 Sep 2023 08:57:37 +0200
Subject: [PATCH] Don't access cache priv before locking cache

Cache priv may be freed by concurrent stop.

Signed-off-by: Michal Mielewczyk <michal.mielewczyk@huawei.com>
Signed-off-by: Robert Baldyga <robert.baldyga@huawei.com>
---
 modules/cas_cache/layer_cache_management.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/cas_cache/layer_cache_management.c b/modules/cas_cache/layer_cache_management.c
index f45a7ae..cff65a0 100644
--- a/modules/cas_cache/layer_cache_management.c
+++ b/modules/cas_cache/layer_cache_management.c
@@ -3199,10 +3199,6 @@ int cache_mngt_exit_instance(const char *cache_name, size_t name_len, int flush)
 	if (status)
 		return status;
 
-	cache_priv = ocf_cache_get_priv(cache);
-	mngt_queue = cache_priv->mngt_queue;
-	context = cache_priv->stop_context;
-
 	/*
 	 * Flush cache. Flushing may take a long time, so we allow user
 	 * to interrupt this operation. Hence we do first flush before
@@ -3221,6 +3217,10 @@ int cache_mngt_exit_instance(const char *cache_name, size_t name_len, int flush)
 	if (status)
 		goto put;
 
+	cache_priv = ocf_cache_get_priv(cache);
+	mngt_queue = cache_priv->mngt_queue;
+	context = cache_priv->stop_context;
+
 	context->finish_thread = cas_lazy_thread_create(exit_instance_finish,
 			context, "cas_%s_stop", cache_name);
 	if (IS_ERR(context->finish_thread)) {