[Windows Sandbox] MITIGATION_EXTENSION_POINT_DISABLE support for children.

sandbox/win/src/process_mitigations.cc

Index: sandbox/win/src/process_mitigations.cc
diff --git a/sandbox/win/src/process_mitigations.cc b/sandbox/win/src/process_mitigations.cc
index adcc17c9af91aa3cff6412be073941841df2b20f..841c50a54361ce723a47d143475cbfa8b318e5d4 100644
--- a/sandbox/win/src/process_mitigations.cc
+++ b/sandbox/win/src/process_mitigations.cc
@@ -137,8 +137,8 @@ bool ApplyProcessMitigationsToCurrentProcess(MitigationFlags flags) {
     }
   }
 
-  // Enable dll extension policies.
-  if (flags & MITIGATION_EXTENSION_DLL_DISABLE) {
+  // Enable extension point policies.
+  if (flags & MITIGATION_EXTENSION_POINT_DISABLE) {
     PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY policy = {};
     policy.DisableExtensionPoints = true;
 
@@ -254,7 +254,7 @@ void ConvertProcessMitigationsToPolicy(MitigationFlags flags,
         PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_ON;
   }
 
-  if (flags & MITIGATION_EXTENSION_DLL_DISABLE) {
+  if (flags & MITIGATION_EXTENSION_POINT_DISABLE) {
     *policy_flags |=
         PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON;
   }
@@ -326,20 +326,13 @@ bool CanSetProcessMitigationsPostStartup(MitigationFlags flags) {
   // All of these mitigations can be enabled after startup.
   return !(
       flags &
-      ~(MITIGATION_HEAP_TERMINATE |
-        MITIGATION_DEP |
-        MITIGATION_DEP_NO_ATL_THUNK |
-        MITIGATION_RELOCATE_IMAGE |
-        MITIGATION_RELOCATE_IMAGE_REQUIRED |
-        MITIGATION_BOTTOM_UP_ASLR |
-        MITIGATION_STRICT_HANDLE_CHECKS |
-        MITIGATION_EXTENSION_DLL_DISABLE |
-        MITIGATION_DLL_SEARCH_ORDER |
-        MITIGATION_HARDEN_TOKEN_IL_POLICY |
-        MITIGATION_WIN32K_DISABLE |
-        MITIGATION_NONSYSTEM_FONT_DISABLE |
-        MITIGATION_IMAGE_LOAD_NO_REMOTE |
-        MITIGATION_IMAGE_LOAD_NO_LOW_LABEL));
+      ~(MITIGATION_HEAP_TERMINATE | MITIGATION_DEP |
+        MITIGATION_DEP_NO_ATL_THUNK | MITIGATION_RELOCATE_IMAGE |
+        MITIGATION_RELOCATE_IMAGE_REQUIRED | MITIGATION_BOTTOM_UP_ASLR |
+        MITIGATION_STRICT_HANDLE_CHECKS | MITIGATION_EXTENSION_POINT_DISABLE |
+        MITIGATION_DLL_SEARCH_ORDER | MITIGATION_HARDEN_TOKEN_IL_POLICY |
+        MITIGATION_WIN32K_DISABLE | MITIGATION_NONSYSTEM_FONT_DISABLE |
+        MITIGATION_IMAGE_LOAD_NO_REMOTE | MITIGATION_IMAGE_LOAD_NO_LOW_LABEL));
 }
 
 bool CanSetProcessMitigationsPreStartup(MitigationFlags flags) {