Enforce permission for cross-user access for registerPackageMonitorCallback

1. Enforce permission for registerPackageMonitorCallback
2. Fix LauncherAppsService#startWatchingPackageBroadcasts() doesn't
clearCallingIdentity which causes the PMS get the wrong callinguid.

Bug: 289567218
Test: atest FrameworksCorePackageMonitorTests
Test: atest FrameworksCorePackageMonitorWithoutPermissionTests
Change-Id: I62fbfba6fb7041f63bc35c526dca9a82382be3f0