The linux fix has been landed [1], but we can't fix mac. So we'll have to look for alternative solutions, e.g. send an IPC to do SetLength(). With that, I'll mark this issue as WontFix. After we deliver the new solution, I'll revert the linux fix in [1].

[1] https://chromium-review.googlesource.com/720273

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/62ae450f4ab0bd60c9e83faf7af7c86ec9740c9f

commit 62ae450f4ab0bd60c9e83faf7af7c86ec9740c9f
Author: Xiaohan Wang <xhwang@chromium.org>
Date: Tue Oct 17 18:50:34 2017

media: Allow __NR_ftruncate in bpf CDM policy on Linux

The CDM needs to access files in PluginPrivateFileSystem to support
persistent-state and persistent-license. It opens the through CdmStorage
mojo service, which opens the file in the browser process, and pass the
file descriptor to the CDM running in the sandboxed CDM (utility)
process. Then the CDM needs to be able to read and write the file. To
complete the write, we need to call base::File::SetLength() which needs
to call ftruncate().

BUG= 774762 

Change-Id: I60d15bc4c308569128e6c0164d5c5d79bd5c9096
Reviewed-on: https://chromium-review.googlesource.com/720273
Commit-Queue: Xiaohan Wang <xhwang@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Cr-Commit-Position: refs/heads/master@{#509460}
[modify] https://crrev.com/62ae450f4ab0bd60c9e83faf7af7c86ec9740c9f/content/common/sandbox_linux/bpf_cdm_policy_linux.cc

I thought about more, and felt it's a generic issue that it would be nice to be fixed. Currently we allow read/write with a child process FD in the sandbox, and SetLength() works on all platforms except on Mac. However, it's hard to do any generic-purpose file IO (write) without SetLength(). In our case, this forced us to change our design dramatically, with implications on performance and code complexity. I suppose this could also hit other use cases in the future.

Is it possible that we look at this issue more closely, and double check whether there's any way to fix it?

This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue.

Sorry for the inconvenience if the bug really should have been left as Available.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Mac triage: to rsesek@ - can we take a peek at this and make a firm yes or no answer to #6 for M73?

I'm pretty sure that ftruncate is guarded by the file-write-data operation, so it's just a matter of configuring the sandbox policy for this. I don't think it makes sense to have a generic bug open about this on Mac because it's not an architectural issue.