Move encrypted directories into place already-encrypted
Even after having changed the SELinux policy to remove system_server's permission to create directories like /data/system_ce/10, there's still a very small loophole where system_server can create a subdirectory after vold creates the directory but before vold assigns an encryption policy to it. This isn't known to have actually happened (b/285239971 was a candidate, but it seems to have actually been caused by SELinux being in permissive mode), but it's theoretically possible.

Close this loophole by making vold create encrypted directories under temporary names and move them into place once they are fully prepared.

Bug: 156305599
Bug: 285239971
Test: Cuttlefish boots, and can be rebooted.
Change-Id: I53407c938bab02ab4b7e5bab8402f36eb47fb203
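The create-under-a-temporary-name-then-rename pattern that the commit message describes, as an added example that is not vold's code. `CreatePreparedDir`, `PrepareFn`, `DirExists` and the `.new` suffix are hypothetical names, and the `prepare` callback stands in for assigning the encryption policy.

```cpp
#include <cstdio>
#include <cstdlib>
#include <functional>
#include <string>
#include <sys/stat.h>
#include <unistd.h>

// Hypothetical stand-in for the step that assigns an encryption policy.
using PrepareFn = std::function<bool(const std::string& dir)>;

bool DirExists(const std::string& p) {
    struct stat st;
    return lstat(p.c_str(), &st) == 0 && S_ISDIR(st.st_mode);
}

// Create final_path so that it never exists under its final name before
// prepare() has succeeded on it.
bool CreatePreparedDir(const std::string& final_path, mode_t mode,
                       const PrepareFn& prepare) {
    struct stat st;
    if (lstat(final_path.c_str(), &st) == 0) return false;  // never replace
    const std::string tmp = final_path + ".new";  // assumed naming scheme
    rmdir(tmp.c_str());  // drop an empty leftover from an interrupted attempt
    if (mkdir(tmp.c_str(), mode) != 0) return false;
    if (!prepare(tmp)) {  // preparation failed: nothing becomes visible
        rmdir(tmp.c_str());
        return false;
    }
    // rename(2) is atomic, so observers see either no directory at all
    // or the fully prepared one, never an unprepared one.
    if (rename(tmp.c_str(), final_path.c_str()) != 0) {
        rmdir(tmp.c_str());
        return false;
    }
    return true;
}

int main() {
    char base[] = "/tmp/prepdirXXXXXX";  // constructed scratch location
    if (!mkdtemp(base)) return 1;
    const std::string target = std::string(base) + "/10";
    bool ok = CreatePreparedDir(target, 0700, [&](const std::string& d) {
        std::printf("preparing %s, final exists: %d\n", d.c_str(), DirExists(target));
        return true;
    });
    std::printf("created: %d, final exists: %d\n", ok, DirExists(target));
    rmdir(target.c_str());
    rmdir(base);
    return ok ? 0 : 1;
}
```

The temporary name sits beside the final one because rename(2) is only atomic within a single filesystem.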