[kernel] Add automatic verification to syscalls

Since we have a DSL for specifying syscalls, we can create a verificaton
method for each syscall that can cover most argument (and eventually
capability) verification instead of doing it piecemeal in each syscall
implementation, which can be more error-prone.

Now a new _syscall_verify_* function exists for every syscall, which
calls the real implementation. The syscall table for the syscall handler
now maps to these verify functions.

Other changes:

- Updated the definition grammar to allow options to have a "key:value"
  style, to eventually support capabilities.
- Added an "optional" option for parameters that says a syscall will
  accept a null value.
- Some bonnibel fixes, as definition file changes weren't always
  properly causing updates in the build dep graph.
- The syscall implementation function signatures are no longer exposed
  in syscall.h. Also, the unused syscall enum has been removed.

definitions/objects/process.def

@@ -28,7 +28,7 @@ object process : kobject {
     # Give the given process a handle that points to the same
     # object as the specified handle.
     method give_handle {
-        param sender object kobject          # A handle in the caller process to send
-        param receiver object kobject [out]  # The handle as the recipient will see it
+        param sender object kobject                   # A handle in the caller process to send
+        param receiver object kobject [out optional]  # The handle as the recipient will see it
     }
 }