Unlock user keys from LockSettingsService only

In preparation for making the CE key of each user always be protected by
the user's synthetic password even when the user has no LSKF, make
LockSettingsService the sole caller of IStorageManager.unlockUserKey().

For the opportunistic secret-less unlock by UserController at user start
time, call a new method LSS.unlockUserKeyIfUnsecured().  For now this
method calls IStorageManager.unlockUserKey() with a null secret.  Later
it will unwrap the user's synthetic password if needed.

For the unlock via credential verification that is triggered by LSS,
make LSS call IStorageManager.unlockUserKey() before calling
IActivityManager.unlockUser(), rather than passing the SP-derived secret
to IActivityManager.unlockUser() for it to do the unlockUserKey().

Since neither the secret nor the token arguments to
IActivityManager.unlockUser() are used anymore, add a new method
IActivityManager.unlockUser2() that lacks these arguments.  Note that
method name overloading cannot be used because AIDL doesn't support it.

Test: atest com.android.server.locksettings && \
      atest com.android.server.am.UserControllerTest \
            com.android.server.pm.UserManagerServiceTest \
            com.android.server.pm.UserManagerTest
Test: Boot and reboot Cuttlefish
Bug: 232452368
Change-Id: I8971b92bb5055fca8e19e0f9d14e8f0a7022b453