Add PackageInstaller SessionParams restrictions
To mitigate a boot loop with reading a massive install_sessions.xml file, this restricts the amount of data that can be written by limiting the size of unbounded parameters like package name and app label. This introduces a lowered max session count: 50 for general applications without the INSTALL_PACKAGES permission, and the same 1024 for those with the permission.

Also truncates labels read from PackageItemInfo to 1000 characters, which is probably enough.

These changes restrict a malicious third party app to ~0.15 MB written to disk, and a valid installer to ~3.6 MB, as opposed to the >1000 MB previously allowed.

These numbers assume no install granted runtime permissions. Those were not restricted since there's no good way to do so, but it's assumed that any installer with that permission is highly privileged and doesn't need to be limited.

Along the same lines, DataLoaderParams are also not restricted. This will have to be added if that API is ever made public. However, installer package was restricted, even though the API is hidden. It was an easy add and may have some effect since the value is derived from other data and passed through by other system components.

It's still possible to inflate the file size if a lot of different apps attempt to install a large number of packages, but that would require thousands of malicious apps to be installed.

Bug: 157224146
Test: atest android.content.pm.PackageSessionTests
Change-Id: Iec42bee08d19d4ac53b361a92be6bc1401d9efc8
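The pattern the commit describes, as a stand-alone illustration that is not the AOSP PackageInstallerService code: caller-controlled strings that end up in the persisted session file are either rejected (package name) or truncated (label), and the number of active sessions is capped per UID with a limit that depends on whether the caller holds INSTALL_PACKAGES. The 1000-character label limit and the 50/1024 session counts are the values from the commit message; the 255-character package-name cap, the reduced field set, and the `bound`/`createSession`/`worstCaseStringBytes` names are assumptions made for this example.

```java
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;

/**
 * Example code, not the Android framework implementation. Shows how bounding every
 * caller-supplied string and capping active sessions per UID turns an unbounded
 * disk-write primitive into a fixed worst-case budget.
 */
public final class BoundedSessionParams {
    // Assumed cap; real Android package names are much shorter in practice.
    static final int MAX_PACKAGE_NAME_LENGTH = 255;
    // From the commit message: labels come from the APK, so they are truncated rather than rejected.
    static final int MAX_APP_LABEL_LENGTH = 1000;
    static final int MAX_SESSIONS_NO_PERMISSION = 50;
    static final int MAX_SESSIONS_WITH_PERMISSION = 1024;

    /** Bounded copy of the caller-supplied strings that would be serialized to disk. */
    static final class Params {
        final String packageName;
        final String appLabel;

        Params(String packageName, String appLabel) {
            this.packageName = packageName;
            this.appLabel = appLabel;
        }

        /** Bytes these strings occupy once written as UTF-8 (what actually lands in the file). */
        int utf8Bytes() {
            int n = 0;
            if (packageName != null) n += packageName.getBytes(StandardCharsets.UTF_8).length;
            if (appLabel != null) n += appLabel.getBytes(StandardCharsets.UTF_8).length;
            return n;
        }
    }

    /** Reject an over-long package name; truncate an over-long label. */
    static Params bound(String packageName, String appLabel) {
        if (packageName != null && packageName.length() > MAX_PACKAGE_NAME_LENGTH) {
            throw new IllegalArgumentException("packageName exceeds " + MAX_PACKAGE_NAME_LENGTH + " chars");
        }
        String label = appLabel;
        if (label != null && label.length() > MAX_APP_LABEL_LENGTH) {
            label = label.substring(0, MAX_APP_LABEL_LENGTH);
        }
        return new Params(packageName, label);
    }

    private final Map<Integer, Integer> activeSessionsByUid = new HashMap<>();
    private int nextSessionId = 1;

    /** Per-UID cap; the limit depends on whether the caller holds INSTALL_PACKAGES. */
    int createSession(int callingUid, boolean hasInstallPackages, Params params) {
        int limit = hasInstallPackages ? MAX_SESSIONS_WITH_PERMISSION : MAX_SESSIONS_NO_PERMISSION;
        int active = activeSessionsByUid.getOrDefault(callingUid, 0);
        if (active >= limit) {
            throw new IllegalStateException("UID " + callingUid + " already has " + active + " active sessions");
        }
        activeSessionsByUid.put(callingUid, active + 1);
        return nextSessionId++;
    }

    /**
     * Upper bound on string bytes one caller can force into the persisted file.
     * A Java char (UTF-16 unit) encodes to at most 3 bytes of UTF-8, so truncating
     * by character count still bounds the on-disk size by a constant factor.
     */
    static long worstCaseStringBytes(boolean hasInstallPackages) {
        int sessions = hasInstallPackages ? MAX_SESSIONS_WITH_PERMISSION : MAX_SESSIONS_NO_PERMISSION;
        long perSession = 3L * (MAX_PACKAGE_NAME_LENGTH + MAX_APP_LABEL_LENGTH);
        return sessions * perSession;
    }

    public static void main(String[] args) {
        BoundedSessionParams store = new BoundedSessionParams();
        // Constructed attacker input: a 10 MB label alongside a legal package name.
        String hugeLabel = "A".repeat(10 * 1024 * 1024);
        Params p = bound("com.example.attacker", hugeLabel);
        System.out.println("label truncated to " + p.appLabel.length() + " chars, "
                + p.utf8Bytes() + " UTF-8 bytes for both strings");

        // Unprivileged caller: sessions are accepted until the per-UID cap is hit.
        int created = 0;
        try {
            for (;;) {
                store.createSession(10123, false, p);
                created++;
            }
        } catch (IllegalStateException e) {
            System.out.println("sessions accepted for unprivileged UID: " + created);
        }
        System.out.println("worst-case string bytes, no permission: " + worstCaseStringBytes(false));
        System.out.println("worst-case string bytes, INSTALL_PACKAGES: " + worstCaseStringBytes(true));
    }
}
```

Two caveats a reviewer would check against the real change: truncation by character count only bounds bytes because UTF-8 expands a UTF-16 unit by at most 3x, and XML escaping of characters such as `&` adds another constant factor, so the bound stays linear but is larger than the character count suggests; and a per-UID cap is only as strong as the number of distinct UIDs an attacker can obtain, which is the residual risk the commit message itself notes.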