add android OS where applicable

host-interaction/file-system/files/list/enumerate-files-on-linux.yml

@@ -15,7 +15,9 @@ rule:
       - 7351f8a40c5450557b24622417fc478d:0x405438
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - or:
         - and:
           - match: create or open file

host-interaction/file-system/files/list/enumerate-files-recursively.yml

@@ -18,4 +18,5 @@ rule:
     - and:
       - or:
         - match: enumerate files on Windows
+        - match: enumerate files on Linux
       - characteristic: recursive call

host-interaction/file-system/read/read-file-on-linux.yml

@@ -13,7 +13,9 @@ rule:
       - 7351f8a40c5450557b24622417fc478d:0x4059AD
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - optional:
         - match: create or open file
       - or:

host-interaction/file-system/write/write-file-on-linux.yml

@@ -13,7 +13,9 @@ rule:
       - 7351f8a40c5450557b24622417fc478d:0x401E14
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - or:
         - api: fputc
         - api: fputs

host-interaction/hardware/memory/get-memory-information.yml

@@ -14,11 +14,15 @@ rule:
   features:
     - or:
       - and:
-        - os: linux
+        - or:
+          - os: linux
+          - os: android
         - match: host-interaction/file-system/read
         - string: "/proc/meminfo"
       - and:
-        - os: linux
+        - or:
+          - os: linux
+          - os: android
         - api: system
         - or:
           - substring: "/proc/meminfo"

host-interaction/mutex/create-semaphore-on-linux.yml

@@ -11,5 +11,7 @@ rule:
       - 294b8db1f2702b60fb2e42fdc50c2cee6a5046112da9a5703a548a4fa50477bc:0x408de0
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - api: sem_init

host-interaction/mutex/lock-file.yml

@@ -13,7 +13,9 @@ rule:
       - 7351f8a40c5450557b24622417fc478d:0x40858F
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - api: fcntl
       - number: 1 = F_WRLCK
       - number: 6 = F_SETLK

host-interaction/mutex/lock-semaphore-on-linux.yml

@@ -11,7 +11,9 @@ rule:
       - 294b8db1f2702b60fb2e42fdc50c2cee6a5046112da9a5703a548a4fa50477bc:0x408e40
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - or:
         - api: sem_wait
         - api: sem_timedwait

host-interaction/mutex/unlock-semaphore-on-linux.yml

@@ -11,5 +11,7 @@ rule:
       - 294b8db1f2702b60fb2e42fdc50c2cee6a5046112da9a5703a548a4fa50477bc:0x408e40
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - api: sem_post

host-interaction/process/create/create-process-on-linux.yml

@@ -13,7 +13,9 @@ rule:
       - 7351f8a40c5450557b24622417fc478d:0x40236D
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - or:
         - api: execve
         - api: execl

host-interaction/session/get-current-user-on-linux.yml

@@ -13,7 +13,9 @@ rule:
       - 7351f8a40c5450557b24622417fc478d:0x405438
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - or:
         - api: geteuid
         - api: getpwuid

host-interaction/thread/create/create-thread.yml

@@ -34,7 +34,9 @@ rule:
           - api: ntdll.ZwCreateThread
           - api: ntdll.ZwCreateThreadEx
       - and:
-        - os: linux
+        - or:
+          - os: linux
+          - os: android
         - api: pthread_create
       - and:
         - api: System.Threading.Thread::Start

lib/delay-execution.yml

@@ -36,7 +36,9 @@ rule:
           - api: KeWaitForSingleObject
           - api: KeDelayExecutionThread
       - and:
-        - os: linux
+        - or:
+          - os: linux
+          - os: android
         - or:
           - api: sleep
           - api: usleep

lib/duplicate-stdin-and-stdout.yml

@@ -11,7 +11,9 @@ rule:
       - 7351f8a40c5450557b24622417fc478d:0x40236D
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - api: dup2
       - number: 0 = STDIN
       - number: 1 = STDOUT

linking/runtime-linking/link-many-functions-at-runtime.yml

@@ -21,7 +21,9 @@ rule:
           - count(api(kernel32.GetProcAddress)): 5 or more
           - count(api(ntdll.LdrGetProcedureAddress)): 5 or more
       - and:
-        - os: linux
+        - or:
+          - os: linux
+          - os: android
         - match: link function at runtime on Linux
         - or:
           - count(api(dlsym)): 5 or more

nursery/get-current-pid-on-linux.yml

@@ -9,7 +9,9 @@ rule:
       dynamic: call
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - or:
         - api: getpid
         - api: getppid

nursery/get-password-database-entry-on-linux.yml

@@ -9,7 +9,9 @@ rule:
       dynamic: call
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - or:
         - api: getpwuid
         - api: getpwuid_r

nursery/link-function-at-runtime-on-linux.yml

@@ -11,7 +11,9 @@ rule:
       - Execution::Shared Modules [T1129]
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - or:
         - api: dlopen
         - api: dlmopen

nursery/set-thread-name-on-linux.yml

@@ -9,7 +9,9 @@ rule:
       dynamic: thread
   features:
     - and:
-      - os: linux
+      - or:
+        - os: linux
+        - os: android
       - or:
         - api: pthread_setname_np
         - and: