[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE for child processes.

[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE for child processes.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children" (https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch" (https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
5) -> THIS
6) "Turn on MITIGATION_EXTENSION_POINT_DISABLE for browser process" (https://codereview.chromium.org/2223783003)

This CL only turns on the new mitigation (in all child processes, not the browser process yet).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Committed: https://crrev.com/3087cbe87c1d2cd8a43c55d8ed4d7bbe2d9d9609
Cr-Original-Commit-Position: refs/heads/master@{#409264}
Cr-Commit-Position: refs/heads/master@{#410508}

[penny, 2016-04-04 21:20:32]

Description was changed from

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" ()
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
==========

to

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
==========

[penny, 2016-04-12 18:14:56]

pennymac@chromium.org changed reviewers:
+ robertshield@chromium.org, wfh@chromium.org

[penny, 2016-04-12 18:14:56]

Hello,

This is the final CL that will actually turn on
MITIGATION_EXTENSION_POINT_DISABLE.

There's no try bot run yet, as I'll wait for CL #4 to land first, and then
update this branch.  (Note that I did run tests successfully with this locally -
with all CLs together.)

Thanks!

[Will Harris, 2016-04-12 18:16:40]

content/common/sandbox_win.cc lgtm

[robertshield, 2016-04-14 04:01:58]

lgtm

[penny, 2016-07-20 22:59:42]

pennymac@chromium.org changed reviewers:
+ nick@chromium.org

[penny, 2016-07-20 23:09:09]

The CQ bit was checked by pennymac@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-07-20 23:09:42]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-07-20 23:25:06]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-07-20 23:25:06]

Dry run: Try jobs failed on following builders:
  win_chromium_compile_dbg_ng on master.tryserver.chromium.win (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_comp...)

[penny, 2016-07-21 22:07:46]

Description was changed from

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
==========

to

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng
==========

[ncarter (slow), 2016-07-21 23:37:36]

content lgtm

[penny, 2016-07-22 20:51:17]

Patchset #6 (id:100001) has been deleted

[penny, 2016-07-22 20:51:30]

Patchset #6 (id:120001) has been deleted

[penny, 2016-08-01 18:24:24]

Patchset #7 (id:160001) has been deleted

[penny, 2016-08-01 18:24:36]

Patchset #6 (id:140001) has been deleted

[penny, 2016-08-01 22:42:20]

Patchset #6 (id:180001) has been deleted

[penny, 2016-08-02 00:00:04]

Description was changed from

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng
==========

to

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng
==========

[penny, 2016-08-02 00:00:04]

pennymac@chromium.org changed reviewers:
+ bradnelson@chromium.org, dschuff@chromium.org

[penny, 2016-08-02 00:06:02]

Hello Brad and Derek,

Could one of you please review my changes to the GN files?

nacl64 was failing to link sandbox_win.obj, due to the new use of
content_features in content/common/sandbox_win.cc.  Link was of course only
failing on x86 Windows builds (nacl64).

I added a source_set like static_switches, for static_features, and now depend
on it from nacl64 (like static_switches).

Please let me know if you think there is a cleaner GN change.

Thanks for your time!

[penny, 2016-08-02 00:06:26]

The CQ bit was checked by pennymac@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-08-02 00:06:59]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-02 02:11:23]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-08-02 02:11:24]

Dry run: This issue passed the CQ dry run.

[bradn, 2016-08-02 15:47:12]

bradnelson@google.com changed reviewers:
+ bradnelson@google.com

[bradn, 2016-08-02 15:47:12]

lgtm

[penny, 2016-08-02 18:21:57]

pennymac@chromium.org changed reviewers:
- dschuff@chromium.org

[penny, 2016-08-02 18:24:37]

The CQ bit was checked by pennymac@chromium.org

[penny, 2016-08-02 18:24:37]

The patchset sent to the CQ was uploaded after l-g-t-m from
robertshield@chromium.org, wfh@chromium.org, nick@chromium.org
Link to the patchset: https://codereview.chromium.org/1854323002/#ps200001
(title: "Seem to have x86 GN build working.  Needed content_features for
linking.")

[commit-bot: I haz the power, 2016-08-02 18:25:22]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-02 18:32:49]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-08-02 18:32:51]

Try jobs failed on following builders:
  chromium_presubmit on master.tryserver.chromium.linux (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.linux/builders/chromium_presub...)

[penny, 2016-08-02 18:54:16]

On 2016/08/02 18:32:51, commit-bot: I haz the power wrote:
> Try jobs failed on following builders:
>   chromium_presubmit on master.tryserver.chromium.linux (JOB_FAILED,
>
http://build.chromium.org/p/tryserver.chromium.linux/builders/chromium_presub...)

Hi Brad,

You're in the owners file as bradnelson@, not bradn.  Any way you can lgtm from
that account name?

[bradnelson, 2016-08-02 19:07:11]

The CQ bit was checked by bradnelson@chromium.org

[bradnelson, 2016-08-02 19:07:12]

lgtm

[commit-bot: I haz the power, 2016-08-02 19:07:45]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-02 19:12:45]

Description was changed from

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng
==========

to

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng
==========

[commit-bot: I haz the power, 2016-08-02 19:12:46]

Committed patchset #6 (id:200001)

[commit-bot: I haz the power, 2016-08-02 19:14:54]

Description was changed from

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng
==========

to

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Cr-Commit-Position: refs/heads/master@{#409264}
==========

[commit-bot: I haz the power, 2016-08-02 19:14:55]

Patchset 6 (id:??) landed as
https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Cr-Commit-Position: refs/heads/master@{#409264}

[penny, 2016-08-08 02:05:13]

A revert of this CL (patchset #6 id:200001) has been created in
https://codereview.chromium.org/2227453002/ by pennymac@chromium.org.

The reason for reverting is: Reverting the "on switch" temporarily.  Want to
look at the scope/details of broken IMEs more before re-landing.  What
percentage of Chrome IMEs are actually still using legacy hooking techniques to
inject DLLs into our processes?  

Ref: https://bugs.chromium.org/p/chromium/issues/detail?id=634192.

[penny, 2016-08-08 20:47:49]

Description was changed from

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Cr-Commit-Position: refs/heads/master@{#409264}
==========

to

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Cr-Commit-Position: refs/heads/master@{#409264}
==========

[penny, 2016-08-08 20:50:08]

Patchset #8 (id:240001) has been deleted

[penny, 2016-08-08 20:50:25]

Patchset #7 (id:220001) has been deleted

[penny, 2016-08-08 20:55:00]

Description was changed from

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS

This CL only turns on the new mitigation (in all child processes, and early for
the browser process).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Cr-Commit-Position: refs/heads/master@{#409264}
==========

to

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE for child
processes.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS
5) "Turn on MITIGATION_EXTENSION_POINT_DISABLE for browser process"

This CL only turns on the new mitigation (in all child processes, not the
browser process yet).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Cr-Commit-Position: refs/heads/master@{#409264}
==========

[penny, 2016-08-08 21:00:20]

Description was changed from

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE for child
processes.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
-> THIS
5) "Turn on MITIGATION_EXTENSION_POINT_DISABLE for browser process"

This CL only turns on the new mitigation (in all child processes, not the
browser process yet).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Cr-Commit-Position: refs/heads/master@{#409264}
==========

to

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE for child
processes.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
5) -> THIS
6) "Turn on MITIGATION_EXTENSION_POINT_DISABLE for browser process"
(https://codereview.chromium.org/2223783003)

This CL only turns on the new mitigation (in all child processes, not the
browser process yet).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Cr-Commit-Position: refs/heads/master@{#409264}
==========

[penny, 2016-08-08 22:07:58]

The CQ bit was checked by pennymac@chromium.org

[penny, 2016-08-08 22:07:59]

The patchset sent to the CQ was uploaded after l-g-t-m from nick@chromium.org,
bradnelson@chromium.org, robertshield@chromium.org, bradnelson@google.com,
wfh@chromium.org
Link to the patchset: https://codereview.chromium.org/1854323002/#ps260001
(title: "Remove DISABLE_EXTENSION_POINT for browser process - until IME support
can be fixed.")

[commit-bot: I haz the power, 2016-08-08 22:08:22]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-08 22:40:49]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-08-08 22:40:51]

Try jobs failed on following builders:
  linux_chromium_chromeos_ozone_rel_ng on master.tryserver.chromium.linux
(JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_...)
  mac_chromium_compile_dbg_ng on master.tryserver.chromium.mac (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.mac/builders/mac_chromium_comp...)

[penny, 2016-08-08 23:54:33]

The CQ bit was checked by pennymac@chromium.org

[commit-bot: I haz the power, 2016-08-08 23:55:08]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-09 00:14:36]

Description was changed from

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE for child
processes.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
5) -> THIS
6) "Turn on MITIGATION_EXTENSION_POINT_DISABLE for browser process"
(https://codereview.chromium.org/2223783003)

This CL only turns on the new mitigation (in all child processes, not the
browser process yet).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Cr-Commit-Position: refs/heads/master@{#409264}
==========

to

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE for child
processes.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
5) -> THIS
6) "Turn on MITIGATION_EXTENSION_POINT_DISABLE for browser process"
(https://codereview.chromium.org/2223783003)

This CL only turns on the new mitigation (in all child processes, not the
browser process yet).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Cr-Commit-Position: refs/heads/master@{#409264}
==========

[commit-bot: I haz the power, 2016-08-09 00:14:38]

Committed patchset #7 (id:260001)

[commit-bot: I haz the power, 2016-08-09 00:16:59]

Description was changed from

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE for child
processes.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
5) -> THIS
6) "Turn on MITIGATION_EXTENSION_POINT_DISABLE for browser process"
(https://codereview.chromium.org/2223783003)

This CL only turns on the new mitigation (in all child processes, not the
browser process yet).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Cr-Commit-Position: refs/heads/master@{#409264}
==========

to

==========
[Windows Sandbox] Turn on MITIGATION_EXTENSION_POINT_DISABLE for child
processes.

This CL is part of a chain of CLs:
1) "MITIGATION_EXTENSION_POINT_DISABLE support for children"
(https://codereview.chromium.org/1835003003)
2) "MITIGATION_EXTENSION_POINT_DISABLE emergency off finch"
(https://codereview.chromium.org/1836523004/)
3) "New NT registry API" (https://codereview.chromium.org/1841573002)
4) "Early browser security support" (https://codereview.chromium.org/1656453002)
5) -> THIS
6) "Turn on MITIGATION_EXTENSION_POINT_DISABLE for browser process"
(https://codereview.chromium.org/2223783003)

This CL only turns on the new mitigation (in all child processes, not the
browser process yet).

BUG=557798
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng

Committed: https://crrev.com/df585142df9fd58299ef02b64da3381d8b733cb8
Committed: https://crrev.com/3087cbe87c1d2cd8a43c55d8ed4d7bbe2d9d9609
Cr-Original-Commit-Position: refs/heads/master@{#409264}
Cr-Commit-Position: refs/heads/master@{#410508}
==========

[commit-bot: I haz the power, 2016-08-09 00:17:00]

Patchset 7 (id:??) landed as
https://crrev.com/3087cbe87c1d2cd8a43c55d8ed4d7bbe2d9d9609
Cr-Commit-Position: refs/heads/master@{#410508}