Fix an event injection bug when the policy is bypassed.

Added the concept of a "trusted" event to distinguish between events from
attached input devices or trusted injectors vs. other applications.
This change enables us to move certain policy decisions out of the
dispatcher and into the policy itself where they can be handled more
systematically.

Change-Id: I4d56fdcdd31aaa675d452088af39a70c4e039970