Enforce package visibility filter rules to the isTrusted api

The api leaks packages that hold media control permission or
notification listener enabled on the device. This cl uses package
visibility rules to filter the caller and the package name.

In normal cases, the package name passed to the api is the caller
itself or an app that binds to the caller's session service.
Both are legitimate to the package visibility rules. For caller
passing arbitrary package names to the api declares package
visibility in the manifest is necessary.

Bug: 238862819
Test: atest MediaSessionManagerHostTest
Test: atest MediaSessionManagerTest
Test: atest CtsAppEnumerationTestCases
Change-Id: I33579cb8203c8a9658372ba9ed12bb0cbb1155c6