I'm trying to use ptrace apis to control the execution of child process. As a part of it, there are like few things I need to do, at first I need to trace the child process right from the beginning of the child's execution, hence, I am using PTRACE_TRACEME. Besides that, I also need to use a framework called as compel (from CRIU) for code injection into the child process during runtime. The problem with using this framework is that, it uses ptrace apis PTRACE_SEIZE & PTRACE_INTERRUPT to attach and inject code into the child process. Hence my logic of using the PTRACE_TRACEME to debug right from the beginning of child process execution and to use a framework that starts debugging with PTRACE_SEIZE isn't working out.
I need a suggestion of overcoming this logical bottleneck, which is how to switch from PTRACE_TRACEME to PTRACE_SEIZE & PTRACE_INTERRUPT so that I can leverage the framework that offers me sophistication of injecting parasitic code on the fly.
One approach that I tried was tweaking the framework so that it will be compatible with PTRACE_TRACEME, but it gives me hard time solving it, as the code itself is immensely large & solving it seems like a long time...
Another approach is attach to the child from the beginning of the child execution with PTRACE_SEIZE & PTRACE_INTERRUPT so that it would be easy to use the framework directly.
Any idea is welcome, either using PTRACE_SEIZE & PTRACE_INTERRUPT from the beginning of the child execution or shifting from PTRACE_TRACEME to PTRACE_SEIZE & PTRACE_INTERRUPT
