Moves some logic out of gpu_main.cc and into the sandbox code,
where it is anticipated to be re-used to make a network sandbox
Rename BrokerProcess::policy_ to broker_policy_, to distinguish it
from the sandbox policies that are flying around and update comment.
Remove an else-after-return.
Commit-Queue: Tom Sepez <firstname.lastname@example.org>
Reviewed-by: Antoine Labour <email@example.com>
Reviewed-by: Robert Sesek <firstname.lastname@example.org>