[roll] Roll fuchsia [sestarnix] Fix SELinuxFS "create" API handling of object class

Revise the structure of Security Context / SID computations for new objects, whether requested by userspace or the kernel.

Based on the SELinux Notebook documentation, the "create" API available to userspace performs a generic label computation, taking into account policy-defined role, type and range transitions. This has a special-case only if the policy specifies neither transitions nor explicit "default" behaviour, which applies to the "process" class and to all "socket"-like classes.

Queries made by the kernel apply additional context not available in requests via the "create" API, notably that the transition-aware computation will only be used if a new file node is created in a filesystem configured with `fs_use_trans` or `fs_use_xattr` labeling. The "fifo_file" class behaves differently, for example, when created via `pipe()`, in "pipefs", which is `fs_use_task` labeled, than via `mkfifo()`, in which case the target filesystem scheme will be used.

Sockets appear to always be labeled taking into account transitions but with the transitions calculated with the creating task as both subject and target, so the file-like and socket-like logic is now split out of the general `compute_fs_node_sid()`, to simplify the logic in each case.

Original-Bug: 361552580, 393086830, 377912777, 416040663
Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/1270104
Original-Revision: 4db7f94c80a3f258f10386959043fc363e38f1d3
GitOrigin-RevId: b34126bbf9fe8c12d3a9c4357076d34f6fd4a7dd
Change-Id: I7aa8d8357252d4f133f8ce5676f96792db1bd451
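A simplified model of the label computation the commit message above describes, added here as an example; it is not code from the Fuchsia change. It covers only user:role:type with type transitions (no role or range transitions, no policy "default" statements) and follows the Linux SELinux fallbacks. Every name in it (`Ctx`, `compute_create`, `file_node`, `socket`, the sample types) is hypothetical:

```rust
use std::collections::HashMap;

#[derive(Clone, Debug, PartialEq)]
struct Ctx { user: String, role: String, ty: String }

fn ctx(s: &str) -> Ctx {
    let p: Vec<&str> = s.split(':').collect();
    Ctx { user: p[0].into(), role: p[1].into(), ty: p[2].into() }
}

// Constructed stand-in for policy: (source type, target type, class) -> new type.
type Transitions = HashMap<(String, String, String), String>;

/// Generic "create" computation (user:role:type only). A type_transition wins;
/// otherwise "process" and "*socket" classes (a simplification) inherit role and
/// type from the source; every other class gets object_r and the target's type.
fn compute_create(tt: &Transitions, src: &Ctx, tgt: &Ctx, class: &str) -> Ctx {
    let inherit = class == "process" || class.ends_with("socket");
    let key = (src.ty.clone(), tgt.ty.clone(), class.to_string());
    let ty = tt.get(&key).cloned()
        .unwrap_or_else(|| if inherit { src.ty.clone() } else { tgt.ty.clone() });
    let role = if inherit { src.role.clone() } else { "object_r".to_string() };
    Ctx { user: src.user.clone(), role, ty }
}

enum FsLabeling { Trans, Xattr, Task }

/// Kernel-side file node: transition-aware only on fs_use_trans / fs_use_xattr.
/// Assumption (Linux behaviour): on fs_use_task the node takes the task's label.
fn file_node(tt: &Transitions, task: &Ctx, tgt: &Ctx, class: &str, fs: FsLabeling) -> Ctx {
    match fs {
        FsLabeling::Trans | FsLabeling::Xattr => compute_create(tt, task, tgt, class),
        FsLabeling::Task => task.clone(),
    }
}

/// Kernel-side socket: the creating task is both subject and target.
fn socket(tt: &Transitions, task: &Ctx, class: &str) -> Ctx {
    compute_create(tt, task, task, class)
}

fn main() {
    let mut tt = Transitions::new(); // constructed sample policy and contexts
    tt.insert(("init_t".into(), "tmp_t".into(), "fifo_file".into()), "init_tmp_t".into());
    let (task, dir) = (ctx("system_u:system_r:init_t"), ctx("system_u:object_r:tmp_t"));
    for fs in [FsLabeling::Trans, FsLabeling::Xattr, FsLabeling::Task] {
        println!("{:?}", file_node(&tt, &task, &dir, "fifo_file", fs));
    }
    println!("{:?}", socket(&tt, &task, "tcp_socket"));
}
```

The same `fifo_file` class yields `init_tmp_t` on the transition-aware filesystems and the task's own label under `fs_use_task`, which is the `mkfifo()` versus `pipe()` difference the message calls out.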
This repository contains Fuchsia's Global Integration manifest files.
All changes should be made to the internal version of this repository. Our infrastructure automatically updates this version when the internal one changes.
Currently all changes must be made by a Google employee. Non-Google employees wishing to make a change can ask for assistance in one of the communication channels documented at get involved.
First install Jiri.
Next run:
    $ jiri init
    $ jiri import minimal https://fuchsia.googlesource.com/integration
    $ jiri update
Third party projects should have their own subdirectory in ./third_party.