Start defining strongly-typed storage permissions.

We now have separate permissions that correspond to the various
MediaStore tables:

-- READ/WRITE_MEDIA_AUDIO
-- READ/WRITE_MEDIA_VIDEO
-- READ/WRITE_MEDIA_IMAGES

From a product point-of-view, Images and Videos will being treated as
a single permission group of "Visual" media in Q.  We're also defining
two other special permissions:

-- ACCESS_MEDIA_LOCATION: indicating that the app can see any
geographic location related metadata associated with media, such
as being stored in the EXIF data.  We're willing to grant this under
the unbrella of the larger "Visual" runtime permission group, but we
still want apps to request it for full disclosure of their intent.

-- WRITE_OBB: can be held by app stores that need to deliver OBB
files into app-specific sandboxes to keep legacy apps working.

Test: manual
Bug: 111801780, 110228267, 111789719, 111892833
Change-Id: If28247efdd7ac185ad3c6cbceda2e6346c26d032