fix: exec-server stream was erroring for large requests

[bolinfest]

Previous to this change, large EscalateRequest payloads exceeded the kernel send buffer, causing our single sendmsg(2) call (with attached FDs) to be split and retried without proper control handling; this led to EINVAL/broken pipe in the handle_escalate_session_respects_run_in_sandbox_decision() test when using an env with large contents.

Before: AsyncSocket::send_with_fds() called send_json_message(), which called send_message_bytes(), which made one socket.sendmsg() call followed by additional socket.send() calls, as necessary:

codex/codex-rs/exec-server/src/posix/socket.rs

Lines 198 to 209 in 2e4a402

	let msg = MsgHdr::new().with_buffers(&payload).with_control(&control);
	let mut sent = socket.sendmsg(&msg, 0)?;
	while sent < frame.len() {
	let bytes = socket.send(&frame[sent..])?;
	if bytes == 0 {
	return Err(std::io::Error::new(
	std::io::ErrorKind::WriteZero,
	"socket closed while sending frame payload",
	));
	}
	sent += bytes;
	}

After: AsyncSocket::send_with_fds() now calls send_stream_frame(), which calls send_stream_chunk() one or more times. Each call to send_stream_chunk() calls socket.sendmsg().

In the previous implementation, the subsequent socket.send() writes had no control information associated with them, whereas in the new send_stream_chunk() implementation, a fresh MsgHdr (using with_control(), as appropriate) is created for socket.sendmsg() each time.

Additionally, with this PR, stream sending attaches SCM_RIGHTS only on the first chunk, and omits control data when there are no FDs, allowing oversized payloads to deliver correctly while preserving FD limits and error checks.