Enforce strong auth for private profile on storage lock events

Currently, strong auth requirements are only enforced on reboots for
private profile users. For all other users, the strong auth requirements
are also enforced on all user stops as additionally.

With this change, we expose storage manager callbacks to system services
whenever the ce storage for a user is locked. We also enable
LockSettingsService to register for this callback and ensure private
profile strong auth requirements are enforced when the CE storage of
the private profile user is locked. For all other users, the strong auth
requirements will still be changed only on user stops.

Bug: 319142556
Test: atest StorageManagerServiceTest. Also tested manually by
installing private space and making changes to ensure the storage gets
locked whenever the private space is locked.
Flag: android.multiuser.enable_biometrics_to_unlock_private_space
Ignore-AOSP-First: The change depends on internal flags

Change-Id: I5db6d9f5699117b0c0422269c560eb0723b4d809