Validate originating process for transferTouchGesture API

Addresses a security vulnerability where a malicious process could
potentially steal an active touch gesture from its host or embedded
process. The fix ensures that the requested is the owner of the
InputTransferToken. This adds an additional verification on top of
the existing  association checks between the transferFrom and
transferTo processes.

Flag: EXEMPT security fix
Bug: 364037868
Test: presubmit
Change-Id: I2654ccab807a62a341c8af69bf64bb33e56c4252