From: Andrii Sultanov Subject: tools/oxenstored: Reset quota when resetting permissions The quota object contains both limits and the current node usage counts. When a domain is torn down, the node data itself is cleaned up but the node usage counts are not. A later domain reusing the same domid can create fewer nodes before being deemed to be over quota. Reset the count when the node permissions are cleaned up. This is XSA-483 / CVE-2026-23556. Signed-off-by: Andrii Sultanov Signed-off-by: Andrew Cooper diff --git a/tools/ocaml/xenstored/store.ml b/tools/ocaml/xenstored/store.ml index 9b8dd2812df0..aa9204ead3ec 100644 --- a/tools/ocaml/xenstored/store.ml +++ b/tools/ocaml/xenstored/store.ml @@ -465,7 +465,8 @@ let reset_permissions store domid = if perms <> node.perms then Logging.debug "store|node" "Changed permissions for node %s" (Node.get_name node); Some { node with Node.perms } - ) store.root + ) store.root; + store.quota <- Quota.del store.quota domid type ops = { store: t;
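Review bot: the added line "store.quota <- Quota.del store.quota domid" at the end of reset_permissions makes a function named for permissions also drop quota state, and nothing in the hunk documents that side effect. A short comment above it would help, saying that the usage count for domid is discarded because the domain's nodes are gone and a reused domid must start from zero. The commit message says the quota object holds both limits and usage counts, so the comment (or the message) should also state whether Quota.del removes only the count for domid or the whole per-domain entry, since that is not visible from these lines. The patch carries no regression test; one that creates nodes as a domid, tears the domain down, reuses the domid and checks the count starts at zero would pin the behaviour.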