From 6759eba47e87344c79129aada5355fde0d59b62d Mon Sep 17 00:00:00 2001
From: Anderson Rosenberg
Date: Wed, 22 Oct 2025 19:34:10 -0400
Subject: [PATCH] quickfix: patch verification, mount --mkdir, add rmdir to initramfs
---
 README.md | 2 +-
 dracut/99reliant/module-setup.sh | 2 +-
 tools/reliant-mount | 2 +-
 tools/reliant-profiling-patch-systemd | 4 ++--
 tools/reliant-unseal | 3 +--
 5 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/README.md b/README.md
index 1dc356a..7d88860 100644
--- a/README.md
+++ b/README.md
@@ -94,7 +94,7 @@ action=accept dst4=1.1.1.1 dstports=80 proto=tcp
 ```
 Due to potential security implications of arbitrary code execution (firewall.rules is not sanitized when a volume is unsealed), the user is asked for manual confirmation before the firewall configuration is executed.
-### Commandline arguments
+### Commandline argumentop
 - `systemd.volatile=overlay` controls the switch between Protected Mode (when present) and Maintenance Mode (when omitted)
 - `reliant.e2fsck` runs `e2fsck -p` on every volume before mount to avoid needing an extra reboot in case of accidental data corruption
diff --git a/dracut/99reliant/module-setup.sh b/dracut/99reliant/module-setup.sh
index 3b6c636..54f159a 100755
--- a/dracut/99reliant/module-setup.sh
+++ b/dracut/99reliant/module-setup.sh
@@ -37,7 +37,7 @@ install() {
 inst /etc/reliant.conf
 # Other binaries
- inst_multiple dmesg lsblk blockdev mount dd wc sed sort sleep md5sum find modprobe cut grep mkdir rm tail
+ inst_multiple dmesg lsblk blockdev mount dd wc sed sort sleep md5sum find modprobe cut grep mkdir rm rmdir tail
 # Optional profiling
 if [ "$RELIANT_PROFILING" = "true" ]; then
diff --git a/tools/reliant-mount b/tools/reliant-mount
index 08b2860..9bda940 100755
--- a/tools/reliant-mount
+++ b/tools/reliant-mount
@@ -38,7 +38,7 @@ done
 dvl_required=$RELIANT_FALSE
 for argument in $(cat /proc/cmdline); do
 if [[ "$argument" == reliant.dvl=* ]]; then
- dvl_id="${argument##*/}"
+ dvl_id="${argument##*=}"
 dvl_required=$RELIANT_TRUE
 fi
 done
diff --git a/tools/reliant-profiling-patch-systemd b/tools/reliant-profiling-patch-systemd
index 3260c29..8c30f29 100644
--- a/tools/reliant-profiling-patch-systemd
+++ b/tools/reliant-profiling-patch-systemd
@@ -15,8 +15,8 @@ done
 # Verify the patch has succeeded
 for hex_offset in $hex_offsets; do
 echo -n "$hex_offset: "
- opcode=$(objdump -d "$target" | grep $hex_offset | awk '{ print $3 }')
- if [ $opcode -eq 90 ]; then
+ opcode=$(objdump -d "$target" | grep $hex_offset | awk '{ print $2 }')
+ if [ "$opcode" -eq 90 ]; then
 echo "OK"
 else
 echo "FAIL"
diff --git a/tools/reliant-unseal b/tools/reliant-unseal
index 4481ba3..594276f 100755
--- a/tools/reliant-unseal
+++ b/tools/reliant-unseal
@@ -28,8 +28,7 @@ blockdev --setrw "$device"
 echo "Done."
 echo -n "Unsealing mountpoint... "
-mkdir "/run/shufflecake/$name"
-mount -o rw,noatime,nodiratime "$device" "/run/shufflecake/$name"
+mount -o rw,noatime,nodiratime --mkdir=0750 "$device" "/run/shufflecake/$name"
 echo "Done."
 # Check if we were given a qube list
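Review bot: In tools/reliant-mount, `${argument##*=}` removes the longest prefix ending in `=`, so a `reliant.dvl=` value that itself contains `=` is cut down to whatever follows its last `=`. Stripping only the known key keeps the whole value: `dvl_id="${argument#reliant.dvl=}"`. The value is taken directly from /proc/cmdline and its later use is outside this hunk, so it is worth confirming that `dvl_id` is checked against the expected identifier format before it reaches a device or path lookup.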
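Review bot: In tools/reliant-profiling-patch-systemd, the check still matches `$hex_offset` anywhere in the `objdump -d` output (`grep $hex_offset` is unquoted and unanchored), so an offset that also occurs inside another address, in instruction bytes or in an operand returns several lines and `$opcode` is no longer a single byte. `-eq` is also an integer test applied to hex text: it works for `90`, but a byte containing a-f makes `[` report an error rather than compare. Matching the address column exactly and comparing as a string avoids both: `opcode=$(objdump -d "$target" | awk -v off="$hex_offset:" '$1 == off { print $2; exit }')` and `if [ "$opcode" = "90" ]; then`. This assumes the offsets are written the way objdump prints addresses, which the existing grep already relies on. The `if` closes outside the hunk, so whether a FAIL ends the script with a non-zero status is not visible here.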
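Review bot: In tools/reliant-unseal, "Done." is echoed after `mount ... --mkdir=0750` whatever its exit status, and with the separate `mkdir` removed, a `mount` that does not recognise `--mkdir` (a comparatively recent util-linux option) now fails at this line with nothing in the hunk stopping the script. Checking the result makes the failure visible, for example by appending `|| { echo "FAIL"; exit 1; }` to the mount command. Because `--mkdir` creates the target path when it is missing, `$name` should be rejected earlier if it is empty or contains `/` or `..`; that validation, if present, is above this hunk. Since the README states that volume contents are not sanitized, adding `nosuid,nodev` to the `-o` list is also worth considering.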