Define FLAG_ALLOW_UNSAFE_IMPLICIT_INTENT for PendingIntent

Starting from target SDK U, we want to block creation of mutable
PendingIntents with implicit Intents because attackers can mutate the
Intent object within and launch altered behavior on behalf of victim
apps. For more details on the vulnerability, see go/pendingintent-rca.
This change is planned to be part of the Safer Intents and Components
feature b/229362273.

ag/20580416 is the initial CL that introduced this feature.

This change defines FLAG_ALLOW_UNSAFE_IMPLICIT_INTENT that allows to
bypass the newly introduced block for cases when an implicit intent is
required.

Testing and the actual block will happen in a subsequent CL after we
finish migrating platform code to use safer PendingIntents. For now,
there is a Slog.wtfStack() that acts as a warning about the upcoming
change.

Bug: 236704164
Bug: 229362273
Test: atest PendingIntentTest
CTS-Coverage-Bug: 266434003
Change-Id: I701f7e3ab3e95deb5b8b6990c5d67b7d66a052b0