Add android.security.NetworkSecurityPolicy.

The initial purpose of the NetworkSecurityPolicy class is to provide a
way for network libraries to check whether cleartext network traffic
(e.g., HTTP, WebSockets, XMPP, IMAP, SMTP) should be blocked from this
process.

The policy is set declaratively by the app developer in the app's
manifest and can be queried from ApplicationInfo.flags. Unfortunately,
several network stacks (bundled and unbundled) do not have a reference
to ApplicationInfo or Context.

Alternatives:
* Keep this API hidden (and thus potentially move it from framework to
  libcore), thus precluding unbundled HTTP stacks from using the API.
* Introduce a new java.lang.System property instead of this API.
  However, such properties are a mess and not as powerful/extensible
  as a public class.

Bug: 19215516
Change-Id: If22056a74d257bf1d805ebb4fc284240b3d338f1