SELinuxPolicyInstallReceiver: Prevent partial or mixed policy updates.

The current SELinuxPolicyInstallReceiver logic can yield a partial
or mixed (old and new) set of policy files under /data/security/current
if there is an error or a crash at certain points before completing
the installation of the update.

Rewrite the logic to avoid the possibility of such partial or mixed
policy updates by using rename on the entire directory of policy
files rather than operating on a per-file basis.  Also separate
the extraction of the policy files from the bundle into their own
temporary directory.  Make sure we delete any previous temporary directory
or backup directory before using them for this update.  Drop the
use of a symlink for /data/security/current altogether; it provides
no benefit.

Change-Id: I564af01c2c3ca1531c216013b8724c7511f32de8
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>