safely flash bootloader firmware to both slots

Information from Daniel Micay <danielmicay@gmail.com>:

SoC firmware anti-rollback protection is being actively used for 6th and
7th generation Pixels. The code implementing this was deployed as part
of Android 13 resulting in an initial rollback version increase.

Consider the situation where a device shipped with v5 firmware and was
upgraded to v7 by the user. It has v7 on the current slot and v5 on the
alternate slot. It has been successfully booted with v7 firmware so the
OS has incremented the rollback version to v7. If the user unlocks and
unsuccessfully flashes new firmware or a new OS, the device rolls back
to the other slot, bricking itself.

The safest solution to this problem is flashing the unused slot with the
new firmware, making it active, booting it and then repeating it. This
makes sure that the new firmware is flashed to both slots and verifies
that it boots up successfully before proceeding with flashing the OS.

It makes sense to do this for ALL devices because all devices can deploy
similar anti-rollback protection and this also improves overall safety
of installation. Anti-rollback protection isn't the only reason that the
inactive slot could have non-booting firmware. Something could have gone
wrong previously so the user only has 1 booting firmware slot remaining.
This new approach makes fastboot.js much safer than Google's approach to
flashing.

GrapheneOS has adopted this for both fastboot.js and also the CLI
flashing script in the factory images zip since shortly after the
release of Android 13. It's very well tested now and we've avoided the
issues with bricked devices people are experiencing with flashing the
stock OS.