From: Andrii Sultanov <andriy.sultanov@vates.tech>
Subject: tools/oxenstored: Reset quota when resetting permissions

The quota object contains both limits and the current node usage counts.

When a domain is torn down, the node data itself is cleaned up but the node
usage counts are not.  A later domain reusing the same domid can create fewer
nodes before being deemed to be over quota.

Reset the count when the node permissions are cleaned up.

This is XSA-483 / CVE-2026-23556.

Signed-off-by: Andrii Sultanov <andriy.sultanov@vates.tech>
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>

diff --git a/tools/ocaml/xenstored/store.ml b/tools/ocaml/xenstored/store.ml
index 5dd965db151f..c099a2eae68a 100644
--- a/tools/ocaml/xenstored/store.ml
+++ b/tools/ocaml/xenstored/store.ml
@@ -465,7 +465,8 @@ let reset_permissions store domid =
 			if perms <> node.perms then
 				Logging.debug "store|node" "Changed permissions for node %s" (Node.get_name node);
 			Some { node with Node.perms }
-	) store.root
+	) store.root;
+	store.quota <- Quota.del store.quota domid
 
 type ops = {
 	store: t;
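Review bot: The added `store.quota <- Quota.del store.quota domid` at the end of `reset_permissions` gives a function named for permissions a second effect, dropping the domain's quota accounting, and nothing in the visible lines documents it. A short comment above that line would help, saying that the per-domid node usage count must not carry over to a later domain reusing the same domid. Alternatively, rename the function to cover both effects. Because the commit message says the quota object holds limits as well as usage counts, it would also be worth stating there that `Quota.del` only removes the entry for `domid` and leaves the limits in place, if that is the case.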
