[Win10 sandbox mitigations] Four new Win10 mitigations added.
1. Disable non-system font loading on >= WIN10 (MITIGATION_NONSYSTEM_FONT_DISABLE).
2. Disable image loads from remote devices on >= WIN10_TH2 (MITIGATION_IMAGE_LOAD_NO_REMOTE).
3. Disable loading images that are labelled low integrity mandatory on >= WIN10_TH2 (MITIGATION_IMAGE_LOAD_NO_LOW_LABEL).
4. Extra disabling of child process creation on >= WIN10_TH2. In BrokerServicesBase::SpawnTarget(), if JobLevel <= JOB_LIMITED_USER, set PROC_THREAD_ATTRIBUTE_CHILD_PROCESS_POLICY to PROCESS_CREATION_CHILD_PROCESS_RESTRICTED via UpdateProcThreadAttribute().
This CL enables all four mitigations on every Chrome process except for
browser. sbox_integration_tests have also been updated appropriately.
base::win::VERSION_WIN10_TH2 has been added to identify
Threshold 2/1511/10586.
BUG=504006
R=jschuh@chromium.org, wfh@chromium.org
Review URL: https://codereview.chromium.org/1626623003 .
Cr-Commit-Position: refs/heads/master@{#373265}
13 files changed