Build vbmeta partitions with soong

AVB is Android Verified Boot:
https://source.android.com/docs/security/features/verifiedboot
It works by signing all the partitions, but then also including an extra
metadata paritition called vbmeta that depends on all the other
signed partitions. This creates a requirement that you update all those
partitions and the vbmeta partition together, so in order to relax that
requirement products can set up "chained" vbmeta partitions, where a
chained partition like vbmeta_system might contain the avb metadata for
just a few products. In cuttlefish vbmeta_system contains metadata about
product, system, and system_ext. Using chained partitions, that group of
partitions can be updated independently from the other signed
partitions.

This is a resubmission with changes starting from line 134 of
vbmeta_partitions.go to add default values for the key and algorithm,
and allow unset rollback indexes.

Bug: 377563298
Test: m nothing (the diff test currently fails, but this is a start)
Change-Id: I431df464b3841bd75d119233e64b207bb27b81a4