Constrain Non-DeviceConfig settings reset times & unify DeviceConfig reset mode

1. For Non-DeviceConfig settings(Settings.Secure and Settings.Global),
constrain that it'll be reset only once(with the corresponding ResetMode) per rescue level even if the level is executed multiple times from multiple packages. Per-package rescue level is only meaningful for Settings.Config where package<->namespace access is recorded. Thus restoring Non-DeviceConfig settings to their pre-S resetting sequence(e.g. no repeated or "de-escalated" reset mode) to avoid unexpected regressions.
2. Simplify all DeviceConfig resets to Reset Mode
RESET_MODE_TRUSTED_DEFAULTS. This is because there is no "UNTRUSTED"
defaults in Settings.Config, while resetting to that step will reset all
values to null, vs resetting to "TRUSTED" defaults *deletes* all KVPs.
It's the same effect when calling DeviceConfig.getProperies, but the
difference causes unnecessary complications when banning namespaces(e.g.
"null map"'s banning hash is different from empty map).

Next steps:
1. Rename the four rescue levels away from Reset modes since that's not
how Settings.Config resets per level(even before this change).
2. Move bootloop mitigation to also infer rescue level from the
"attempted times" provided by PackageWatchdog.

Bug: 162425385
Test: atest RescueParty
Change-Id: Ib49ae9f9b7e0f5e255d038e088d4e7c746dc3339