Currently, runtimes are unaware of any key manager policy updates. For example, the runtime (simple-keyvalue) used in E2E tests initializes its key manager policy on startup and passes it to the key manager client.
If the key manager policy changes while the runtime is running (e.g., due to the key manager being upgraded, see #2517), the runtime is not notified and keeps using the old policy. This will cause EnclaveRPC sessions to fail when the enclave identity changes.
One possible way of resolving this is extending the Runtime Host Protocol (RHP) with a method for notifying the runtime of a new key manager policy:
* Currently, the runtime can query the policy at any point by sending a `HostKeyManagerPolicyRequest` message over RHP.
* We could turn this around (removing the above message) and introduce a `RuntimeKeyManagerPolicyUpdateRequest` that the host uses to notify the runtime of a new policy.

Watching policy updates and propagating them to the runtime should most likely be part of the common runtime host handler (see `go/worker/common/committee/runtime_host.go`).
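
The push model proposed above, as an added Go example that is not part of the original issue and is not oasis-core code. The `Policy` and `Runtime` types, the field of `RuntimeKeyManagerPolicyUpdateRequest`, the serial check and the enclave identity strings are assumptions made for illustration, and authentication of the pushed policy is left out.

```go
package main

import "fmt"

// Policy is a simplified stand-in (assumed shape) for a key manager policy.
type Policy struct {
	Serial   uint32          // assumed to increase with every policy change
	Enclaves map[string]bool // key manager enclave identities the runtime accepts
}

// RuntimeKeyManagerPolicyUpdateRequest is the host-to-runtime message the
// issue proposes; its single field is an assumption.
type RuntimeKeyManagerPolicyUpdateRequest struct{ Policy Policy }

// Runtime models the runtime side of RHP, which here handles messages one at
// a time; add locking if updates can race with session setup.
type Runtime struct{ policy Policy }

// HandlePolicyUpdate installs a pushed policy and refuses stale or replayed
// serials, so a delayed message cannot roll the runtime back.
func (r *Runtime) HandlePolicyUpdate(req RuntimeKeyManagerPolicyUpdateRequest) bool {
	if req.Policy.Serial <= r.policy.Serial {
		return false
	}
	r.policy = req.Policy
	return true
}

// CanOpenSession reports whether an EnclaveRPC session to a key manager with
// this enclave identity passes the policy the runtime currently holds.
func (r *Runtime) CanOpenSession(enclaveID string) bool {
	return r.policy.Enclaves[enclaveID]
}

// WatchPolicies is the host handler side: push each observed policy to the runtime.
func WatchPolicies(updates <-chan Policy, rt *Runtime) {
	for p := range updates {
		rt.HandlePolicyUpdate(RuntimeKeyManagerPolicyUpdateRequest{Policy: p})
	}
}

func main() {
	// Constructed sample: the runtime started with policy 1, the key manager was upgraded.
	rt := &Runtime{policy: Policy{Serial: 1, Enclaves: map[string]bool{"km-v1": true}}}
	updates := make(chan Policy, 1)
	updates <- Policy{Serial: 2, Enclaves: map[string]bool{"km-v2": true}}
	close(updates)
	fmt.Println("before push:", rt.CanOpenSession("km-v2")) // stale policy rejects the new enclave
	WatchPolicies(updates, rt)
	fmt.Println("after push:", rt.CanOpenSession("km-v2"))
}
```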