
[xen staging-4.20] tools/oxenstored: Reset quota when resetting permissions



commit 54ba668c46b657e2a1fb9f9ab01edce7440c31d8
Author:     Andrii Sultanov <andriy.sultanov@xxxxxxxxxx>
AuthorDate: Tue Apr 28 13:41:16 2026 +0100
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Tue Apr 28 13:43:55 2026 +0100

    tools/oxenstored: Reset quota when resetting permissions
    
    The quota object contains both limits and the current node usage counts.
    
    When a domain is torn down, the node data itself is cleaned up but the node
    usage counts are not.  A later domain reusing the same domid can create fewer
    nodes before being deemed to be over quota.
    
    Reset the count when the node permissions are cleaned up.
    
    This is XSA-483 / CVE-2026-23556.
    
    Signed-off-by: Andrii Sultanov <andriy.sultanov@xxxxxxxxxx>
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    (cherry picked from commit af9e77f5ff774a252a89039c281744de64db44bc)
---
 tools/ocaml/xenstored/store.ml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tools/ocaml/xenstored/store.ml b/tools/ocaml/xenstored/store.ml
index 9b8dd2812d..aa9204ead3 100644
--- a/tools/ocaml/xenstored/store.ml
+++ b/tools/ocaml/xenstored/store.ml
@@ -465,7 +465,8 @@ let reset_permissions store domid =
         if perms <> node.perms then
           Logging.debug "store|node" "Changed permissions for node %s" 
(Node.get_name node);
         Some { node with Node.perms }
-    ) store.root
+    ) store.root;
+  store.quota <- Quota.del store.quota domid
 
 type ops = {
   store: t;
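
Review bot: the new `store.quota <- Quota.del store.quota domid` at the end of `reset_permissions` gives the function a second side effect that its name does not cover, and nothing in the hunk explains why it belongs here. A short comment above the line, saying that the per-domain node usage count has to be dropped so that a later domain reusing the same domid starts from zero, would keep the fix from being lost in a later cleanup. Because the commit message states that the quota object holds both limits and usage counts, it is also worth confirming that `Quota.del` removes only the entry for `domid` and leaves the limits untouched.
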
--
generated by git-patchbot for /home/xen/git/xen.git#staging-4.20



 

