Sanity check raw paths against requested volume.

When callers are inserting or updating raw "_data" paths, we need to
sanity check them to make sure they're not "crossing the streams"
between storage devices.  For example, it would be really broken to
insert a file on the SD card into the "internal" storage volume.

This also enforces that callers don't "cross the streams" between
multiple storage volumes on devices that support them, since
otherwise they'd end up with very confusing behavior, such as
the same underlying file being inserted into multiple databases.

Also, the "internal" storage volume should really only be used for
common media (such as ringtones), and it shouldn't be allowed to
point into private app data directories, since MODE_WORLD_READABLE
has been deprecated for many years now.

Bug: 117932814
Test: atest MediaProviderTests
Test: atest cts/tests/tests/media/src/android/media/cts/MediaScanner*
Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore*
Change-Id: I267eacd45bbd270b8ce9b28de9d6e209f780f31a