fix appvm iteration, exclude dm devices, fix git restore of shufflecake-c repository

install.sh

@@ -170,4 +170,4 @@ depmod -a "$RELIANT_KERNEL_VERSION"
 dracut --force --regenerate-all
 
 # Report successful installation
-echo "[INFO]: Installation complete. Reboot to enter protected mode."
+echo "[INFO]: Installation complete. Reboot to enter Protected Mode."

qubes-sflc/build.sh

@@ -37,4 +37,5 @@ cp shufflecake-c/dm-sflc.ko "$PWD/dm-sflc.ko"
 cp shufflecake-c/shufflecake "$PWD/shufflecake"
 
 # Restore the original crypto.h to avoid interference with future updates
+cd shufflecake-c
 git restore "shufflecake-c/$CRYPTO_H"

tools/reliant-mount

@@ -53,6 +53,7 @@ done
 # Set up the volatile image pool
 mkdir -m 750 /run/volatile
 mkdir -m 750 /run/volatile/appvms
-find /sysroot/var/lib/qubes/appvms | while read -r name; do
+for path in '/sysroot/var/lib/qubes/appvms/'*; do
+    name="${path##*/}"
     mkdir -m 750 "/run/volatile/appvms/$name"
 done

tools/reliant-security

@@ -208,8 +208,9 @@ reliant_security_check_devices() {
 
 	# Some devices must be skipped
 	if [ "$device_path" = "$RELIANT_SECURE_DEVICE" ]; then continue; fi
-	if [[ "$device" =~ ^loop[0-9]+ ]] || [[ "$device" =~ ^dm ]]; then continue; fi
+	if [[ "$device_path" =~ ^/dev/mapper/.* ]]; then continue; fi
-
+	if [[ "$device" =~ ^loop[0-9]+ ]] || [[ "$device" =~ ^dm-.* ]]; then continue; fi
+	
 	# We do not want ovelapping checksums, so only checksum partitions
 	if [[ "$device" =~ [a-zA-Z]$ ]]; then continue; fi