Fix potential fd leak in FwmarkServer.

There's a subtle bug in the previous use of cmsg to receive file
descriptors: on 64-bit, CMSG_SPACE rounds up to the nearest
alignof(cmsghdr), and cmsghdr contains a size_t, so
CMSG_SPACE(sizeof(int)) is the same as CMSG_SPACE(2 * sizeof(int)).
This means it's possible for us to receive *two* file descriptors in a
single recvmsg call. We check that cmsghdr::cmsg_len equals
CMSG_LEN(sizeof(int)), but when it doesn't because we received two fds,
we treat it as if we received none, and leak the fds we received.

Switch to android::base::ReceiveFileDescriptorVector, which handles this
case properly.

Bug: http://b/122047630
Test: atest bpf_module_test clatd_test libbpf_android_test libnetdbpf_test
  netd_integration_test netd_unit_test netdutils_test resolv_integration_test
  resolv_unit_test
Change-Id: I58b7fa1e4c35973a68d12a8983574d5798d1a64b