[Win-Sandbox] Statically link SetProcessDEPPolicy.

This CL removes the dynamic linking of SetProcessDEPPolicy as we don't
support < Vista.

Bug: 986625
Change-Id: Ie3e829150444db914d05798f8a67700439281934
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1729961Reviewed-by: Will Harris <wfh@chromium.org>
Commit-Queue: Will Harris <wfh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#682970}

sandbox/win/src/process_mitigations.cc

@@ -20,8 +20,6 @@
 #include "sandbox/win/src/win_utils.h"
 
 namespace {
-// API defined in winbase.h >= Vista.
-using SetProcessDEPPolicyFunction = decltype(&SetProcessDEPPolicy);
 
 // API defined in libloaderapi.h >= Win8.
 using SetDefaultDllDirectoriesFunction = decltype(&SetDefaultDllDirectories);
@@ -145,16 +143,10 @@ bool ApplyProcessMitigationsToCurrentProcess(MitigationFlags flags) {
     if (flags & MITIGATION_DEP_NO_ATL_THUNK)
       dep_flags |= PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION;
 
-    SetProcessDEPPolicyFunction set_process_dep_policy =
-        reinterpret_cast<SetProcessDEPPolicyFunction>(
-            ::GetProcAddress(module, "SetProcessDEPPolicy"));
-    if (set_process_dep_policy) {
-      if (!set_process_dep_policy(dep_flags) &&
-          ERROR_ACCESS_DENIED != ::GetLastError()) {
-        return false;
-      }
-    } else
+    if (!::SetProcessDEPPolicy(dep_flags) &&
+        ERROR_ACCESS_DENIED != ::GetLastError()) {
       return false;
+    }
   }
 #endif