Add ISecretkeeper/default

On Cuttlefish, the implementation of the ISecretkeeper HAL runs
in-process in the HAL service, and so is deliberately marked as being
the /nonsecure instance to make that clear.

A real device that's running Secretkeeper inside a secure environment
should report that instance as being the /default instance.

So allow either in the compatibility matrix.

Bug: 306364873
Test: build, VtsAidlAuthGraphRoleTest, VtsSecretkeeperTargetTest
Change-Id: Ifb58d8bb9318707b714a345adc1b1b4198054f81