Filter USER_ID tag from the hardware keystore

An as-yet-undiscovered mismatch between authorization sets that do or
don't have the USER_ID tag applied are causing failures for PIN setting
on the secondary account. This changes makes sure those tags are not
sent to the underlying keystore to fix the PIN failure, while we
diagnose the underlying cause.

Bug: 76460912

Test: Switch to guest account, set PIN, lock and unlock.
Change-Id: I880899af5095a95ae41b7a64c5a76329f0f78f4a
(cherry picked from commit d98dcfb331c8e81a4aff2d61252f8bb1965e4920)
diff --git a/keymaster/4.0/support/Keymaster3.cpp b/keymaster/4.0/support/Keymaster3.cpp
index b2cdbd9..84b3ee1 100644
--- a/keymaster/4.0/support/Keymaster3.cpp
+++ b/keymaster/4.0/support/Keymaster3.cpp
@@ -61,9 +61,12 @@
 }
 
 hidl_vec<V3_0::KeyParameter> convert(const hidl_vec<KeyParameter>& params) {
-    hidl_vec<V3_0::KeyParameter> converted(params.size());
-    for (size_t i = 0; i < params.size(); ++i) {
-        converted[i] = convert(params[i]);
+    std::vector<V3_0::KeyParameter> converted;
+    converted.reserve(params.size());
+    for (const auto& param : params) {
+        // Qualcomm's Keymaster3 implementation behaves oddly if Tag::USER_ID is provided. Filter it
+        // out.  Revert this change when b/73286437 is fixed.
+        if (param.tag != Tag::USER_ID) converted.push_back(convert(param));
     }
     return converted;
 }