Binder: clearCallingIdentity is kernel binder

This method clears the calling identity of a kernel
binder call. However, there is now a generic API to
disallow the use of kernel binder calling identities.
This is used by RPC binder calls in order to ensure
that code doesn't accidentally assume the default
(<pid>, <uid>) calling identity means that the call
originated from another process.

In the C++ layer, this API is attached to
IPCThreadState. In the future, we could consider
expanding the scope of this API to code and restore
many types of calling IDs, but the current return
type may not have enough space, and I want to
push people away from thread locals (globals)
for now.

Bug: 237245600
Test: N/A
Change-Id: I6e293814769cbd3c41e72afd95385af31ceb099f