From 7ce17f8fcbb0369935d462753043c13e7a505a58 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?=
Date: Fri, 3 Jan 2025 14:58:09 +0100
Subject: [PATCH] Enable OSPP profile in RHEL 10

Currently, the data stream in RHEL 10 daily productization contains OSPP profile and therefore differs from upstream defaults. We still want to run tests with OSPP profile in daily productization. At the same time, we don't want to test different data stream in daily productization than in upstream tests and CI. This will be solved by enabling the OSPP profile by default.
---
 .../bootloader-grub2/grub2_init_on_alloc_argument/rule.yml | 1 +
 .../system/bootloader-zipl/zipl_bls_entries_only/rule.yml | 1 +
 .../bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml | 1 +
 .../bootloader-zipl/zipl_init_on_alloc_argument/rule.yml | 1 +
 .../zipl_page_alloc_shuffle_argument/rule.yml | 1 +
 products/rhel10/profiles/ospp.profile | 2 +-
 shared/references/cce-redhat-avail.txt | 5 -----
 7 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_init_on_alloc_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_init_on_alloc_argument/rule.yml
index 2e721d99c54..bc3f5508cf8 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_init_on_alloc_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_init_on_alloc_argument/rule.yml
@@ -18,6 +18,7 @@ severity: medium
 identifiers:
 cce@rhel9: CCE-85867-0
+ cce@rhel10: CCE-86953-7
 ocil_clause: 'the kernel is not configured to zero out memory before allocation'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml
index c115ba0ecd5..e2ec1168f44 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml
@@ -16,6 +16,7 @@ severity: medium
 identifiers:
 cce@rhel8: CCE-83485-3
 cce@rhel9: CCE-84092-6
+ cce@rhel10: CCE-87335-6
 ocil_clause: 'a non BLS boot entry is configured'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml
index 6f4626639b6..82a0242e256 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml
@@ -18,6 +18,7 @@ severity: medium
 identifiers:
 cce@rhel8: CCE-83486-1
 cce@rhel9: CCE-84098-3
+ cce@rhel10: CCE-87515-3
 ocil_clause: 'the bootmap is outdated'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/rule.yml
index e679e43b431..d0f21b0957e 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/rule.yml
@@ -22,6 +22,7 @@ severity: medium
 identifiers:
 cce@rhel9: CCE-85868-8
+ cce@rhel10: CCE-88443-7
 ocil_clause: 'the kernel is not configured to zero out memory before allocation'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_page_alloc_shuffle_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_page_alloc_shuffle_argument/rule.yml
index b82d08e0614..8abdaaf0822 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_page_alloc_shuffle_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_page_alloc_shuffle_argument/rule.yml
@@ -27,6 +27,7 @@ severity: medium
 identifiers:
 cce@rhel9: CCE-85880-3
+ cce@rhel10: CCE-89057-4
 ocil_clause: 'randomization of the page allocator is not enabled in the kernel'
diff --git a/products/rhel10/profiles/ospp.profile b/products/rhel10/profiles/ospp.profile
index 9abfd024e29..0642cbab2ec 100644
--- a/products/rhel10/profiles/ospp.profile
+++ b/products/rhel10/profiles/ospp.profile
@@ -1,4 +1,4 @@
-documentation_complete: false
+documentation_complete: true
 metadata:
 version: 4.3
diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt
index c4686286517..71dddd11669 100644
--- a/shared/references/cce-redhat-avail.txt
+++ b/shared/references/cce-redhat-avail.txt
@@ -224,7 +224,6 @@ CCE-86935-4
 CCE-86936-2
 CCE-86937-0
 CCE-86952-9
-CCE-86953-7
 CCE-86955-2
 CCE-86956-0
 CCE-86958-6
@@ -446,7 +445,6 @@ CCE-87325-7
 CCE-87326-5
 CCE-87327-3
 CCE-87334-9
-CCE-87335-6
 CCE-87342-2
 CCE-87343-0
 CCE-87346-3
@@ -553,7 +551,6 @@ CCE-87510-4
 CCE-87511-2
 CCE-87512-0
 CCE-87513-8
-CCE-87515-3
 CCE-87516-1
 CCE-87517-9
 CCE-87519-5
@@ -1129,7 +1126,6 @@ CCE-88431-2
 CCE-88432-0
 CCE-88434-6
 CCE-88442-9
-CCE-88443-7
 CCE-88445-2
 CCE-88446-0
 CCE-88447-8
@@ -1503,7 +1499,6 @@ CCE-89050-9
 CCE-89052-5
 CCE-89053-3
 CCE-89054-1
-CCE-89057-4
 CCE-89065-7
 CCE-89066-5
 CCE-89067-3
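Review bot: In products/rhel10/profiles/ospp.profile, the `documentation_complete: true` flip is what gets this profile built into the default RHEL 10 data stream, but the reason for it (parity between upstream CI and daily productization) is recorded only in the commit message. Anyone who scans against the profile will read the results as OSPP conformance evidence, so if the RHEL 10 content has not yet been validated against the protection profile, the title and description further down the file (outside this hunk) should presumably mark it as a draft. I would add a comment above the flag, for example `# Enabled so upstream CI and daily productization build the same data stream; content may still change`. The rest of the profile, including its rule selections, is not visible here.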