On 01/11/2022 15:28, Juergen Gross wrote:
> When destroying a domain, any stale permissions of the domain must be
> removed from the special nodes "@...", too. This was not done in the
> fix for XSA-322.
>
> Fixes: 496306324d8d ("tools/xenstore: revoke access rights for removed
> domains")
> Signed-off-by: Juergen Gross <[email protected]>
> Reviewed-by: Julien Grall <[email protected]>
Henry, this one also ought to be considered for 4.17 at this point, as
it's a bugfix to security fix.
As noted in the cover letter, it is R-by already as it came up in
private, but was ultimately not included in the security content.
Thanks,
~Andrew
