Prevent (and repair) poisoned full-data backup queue

An app that transitioned from full-data to key/value backup regimes
was being left in the full-data backup queue until next reboot.  In
edge cases this would result in the app being inappropriately shut
down for backup; furthermore, it would potentially cause there to
exist a full-data payload for the app that was considered "newest"
and therefore be the one delivered at restore time on a new device
or app (re)installation.

Defense in depth: full-backup candidates are just-in-time reevaluated
for validity when they come up again in the queue; app update
notifications cause a reevaluation and removal from the queue if
full-data is no longer the right modality; and the common engine for
all cloud-facing full-data backups does an additional last-ditch
validation that each stated target is actually supposed to get
full-data backups rather than key/value, to backstop the checks on
queue-presence validity.

Bug 26744511

Change-Id: I55bea3e19a2cab0150dbe5a08dd9fc550f0068c4