Freeze package cgroup before killing

Apps are able to prevent their death by forking multiple processes
under different services and monitoring for the death of any of these.
When a child death is detected, the remaining process restarts the
terminating/terminated service before it's able to be killed itself.
This is now prevented by freezing the entire cgroup of the package to be
killed before killing the individual processes. After the kills are
completed synchronously, the cgroup can be unfrozen to allow for
restarts. Before freezing the cgroup, the binder interfaces of the
processes about to be frozen are also frozen to prevent indefinite
blocking by synchronous Binder callers.

Bug: 236708592
Bug: 148425913
Test: raven:/ $ monkey -p com.haok.nirvana 1
Test: bash arg: -p
Test: bash arg: com.haok.nirvana
Test: bash arg: 1
Test: args: [-p, com.haok.nirvana, 1]
Test: arg: "-p"
Test: arg: "com.haok.nirvana"
Test: arg: "1"
Test: data="com.haok.nirvana"
Test: Events injected: 1
Test: ## Network stats: elapsed time=14ms (0ms mobile, 0ms wifi, 14ms not connected)
Test: raven:/ $ ps -eo pid,uid,ppid,name|grep 10266
Test: 2499 10266   823 com.haok.nirvana
Test: 2577 10266   823 com.haok.nirvana:resident
Test: 2584 10266   823 android.media
Test: 2669 10266     1 app_d
Test: 2672 10266     1 app_d
Test: raven:/ $ am force-stop com.haok.nirvana
Test: raven:/ $ ps -eo pid,uid,ppid,name|grep 10266
Test: 1|raven:/ $
Test: atest PermissionControllerHostTest
Change-Id: I1718a9263a01d18da7e3d2e3771091cf8475e599