Support passing `stderrthreshold` to sandboxee

PiperOrigin-RevId: 559769140
Change-Id: I57ad45e1155355e51a821d7903b2eb73dd1303ee

cmake/SapiBuildDefs.cmake

@@ -117,6 +117,8 @@ function(add_sapi_library)
   target_link_libraries("${_sapi_bin}" PRIVATE
     -fuse-ld=gold
     -Wl,--whole-archive "${_sapi_LIBRARY}" -Wl,--no-whole-archive
+    # Needs to be whole-archive due to how it Abseil registers flags
+    -Wl,--whole-archive absl::log_flags -Wl,--no-whole-archive
     sapi::client
     ${CMAKE_DL_LIBS}
   )

sandboxed_api/BUILD.bazel

@@ -83,11 +83,14 @@ cc_library(
         "//sandboxed_api/util:raw_logging",
         "//sandboxed_api/util:runfiles",
         "//sandboxed_api/util:status",
+        "@com_google_absl//absl/base",
         "@com_google_absl//absl/base:core_headers",
         "@com_google_absl//absl/base:dynamic_annotations",
+        "@com_google_absl//absl/base:log_severity",
         "@com_google_absl//absl/container:flat_hash_map",
         "@com_google_absl//absl/log",
         "@com_google_absl//absl/log:check",
+        "@com_google_absl//absl/log:globals",
         "@com_google_absl//absl/status",
         "@com_google_absl//absl/status:statusor",
         "@com_google_absl//absl/strings",
@@ -185,6 +188,7 @@ cc_library(
         "@com_google_absl//absl/flags:parse",
         "@com_google_absl//absl/log",
         "@com_google_absl//absl/log:check",
+        "@com_google_absl//absl/log:flags",
         "@com_google_absl//absl/log:initialize",
         "@com_google_absl//absl/status:statusor",
         "@com_google_absl//absl/strings",

sandboxed_api/CMakeLists.txt

@@ -52,8 +52,7 @@ add_library(sapi_embed_file ${SAPI_LIB_TYPE}
 )
 add_library(sapi::embed_file ALIAS sapi_embed_file)
 target_link_libraries(sapi_embed_file
-  PRIVATE absl::core_headers
-          absl::strings
+  PRIVATE absl::strings
           sandbox2::util
           sapi::base
           sapi::fileops
@@ -71,8 +70,11 @@ add_library(sapi_sapi ${SAPI_LIB_TYPE}
 )
 add_library(sapi::sapi ALIAS sapi_sapi)
 target_link_libraries(sapi_sapi
-  PRIVATE absl::dynamic_annotations
+  PRIVATE absl::base
+          absl::dynamic_annotations
           absl::flat_hash_map
+          absl::log
+          absl::log_globals
           absl::status
           absl::statusor
           absl::str_format
@@ -100,6 +102,7 @@ add_library(sapi_call ${SAPI_LIB_TYPE}
 )
 add_library(sapi::call ALIAS sapi_call)
 target_link_libraries(sapi_call PRIVATE
+  absl::core_headers
   sapi::var_type
   sapi::base
 )
@@ -172,8 +175,8 @@ target_link_libraries(sapi_client
           absl::dynamic_annotations
           absl::flags_parse
           absl::log
+          absl::log_flags
           absl::log_initialize
-          absl::statusor
           absl::strings
           libffi::libffi
           sandbox2::comms
@@ -210,7 +213,6 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING AND NOT CMAKE_CROSSCOMPILING)
   target_link_libraries(sapi_test PRIVATE
     absl::status
     absl::statusor
-    absl::time
     benchmark
     sandbox2::result
     sapi::proto_arg_proto

sandboxed_api/sandbox.h

@@ -19,12 +19,11 @@
 #include <initializer_list>
 #include <memory>
 #include <string>
-#include <utility>
 #include <vector>
 
 #include "sandboxed_api/file_toc.h"
-#include "absl/base/attributes.h"
 #include "absl/base/macros.h"
+#include "absl/log/globals.h"
 #include "absl/log/log.h"
 #include "absl/status/status.h"
 #include "absl/status/statusor.h"
@@ -119,13 +118,14 @@ class Sandbox {
 
   // Gets extra arguments to be passed to the sandboxee.
   virtual void GetArgs(std::vector<std::string>* args) const {
-    // Do nothing by default.
+    args->push_back(absl::StrCat("--stderrthreshold=",
+                                 static_cast<int>(absl::StderrThreshold())));
   }
 
  private:
   // Gets the environment variables passed to the sandboxee.
   virtual void GetEnvs(std::vector<std::string>* envs) const {
-    envs->push_back("GOOGLE_STDERRTHRESHOLD=INFO");
+    // Do nothing by default.
   }
 
   // Returns the sandbox policy. Subclasses can modify the default policy