dumpstate: Close API FDs on exec

Set the external bugreport and screenshot FDs used in service API
invocations as CLOEXEC to prevent them from being inherited by incident,
which does not have SELinux permissions to access them. SELinux checks
FDs inherited by a new process and reports audit events for unauthorized
files.

Bug: 218515584
Test: adb shell am broadcast -a
  com.android.internal.intent.action.BUGREPORT_REQUESTED
  -f 285212672 --ei android.intent.extra.BUGREPORT_TYPE 0
  and check for SELinux denials
Change-Id: I0b162f32fdff758953cf9262f85c55dc53525305
Merged-In: I69f420abf0c736149c2b03fb3ba47743dceff2d7