Evict adoptable storage CE and DE keys when possible

Adoptable storage CE and DE keys were not being explicitly evicted,
resulting in the benefits of key eviction not being fully realized on
devices that use adoptable storage.  Fix this by evicting the adoptable
storage keys when the corresponding internal storage keys are evicted:

- In lockUserKey, evict the CE keys for adoptable storage volumes, not
  just the CE key for internal storage as was done before.

- In destroyUserKey, evict the user's CE and DE keys for adoptable
  storage, not just the internal storage keys as was done before.

To make this possible, starting keeping track of the EncryptionPolicy of
each currently installed adoptable storage key.

(This CL is reworked from https://r.android.com/2660878,
 original author Arnab Sen <arnabse@amazon.com>)

Test: On Cuttlefish with config_multiuserMaxRunningUsers changed to 1:
    sm set-virtual-disk true
    sm partition disk:7,416 private
    pm create-user 10
    am start-user 10
    am stop-user 10
    # Verified that this fails with "Required key not available".
    touch /mnt/expand/f1ad173b-d6d9-4948-8eb7-ccdd7b053b22/misc_ce/10/foo.txt
    am start-user 10
    pm remove-user 10
    # Checked for all the expected "Evicted fscrypt key" messages.
    # 2 from when user was stopped, and 4 from when user was removed.
    adb logcat | grep Evicted

Ignore-AOSP-First: Conflicts. Will cherry-pick after Android 14 push...
Change-Id: I7f11a135d8550618cd96013f834cebd54be5ef84