[kernel] Add handle_clone syscall

Added the handle_clone syscall which allows for cloning a handle with
a subset of the original handle's capabilities.

Related changes:

- srv.init now calls handle_clone on its system handle, and load_program
  was changed to allow this second system handle to be passed to loaded
  programs instead. However, as drv.uart is still a driver AND a log
  reader, this new handle is not actually passed yet.
- The definition parser was using a set for the cap list, which meant
  the order (and thus values) of caps was not static.
- Some code in objects/handle.h was made more explicit about what bits
  meant what.

src/user/srv.init/loader.cpp

@@ -20,7 +20,7 @@ constexpr size_t stack_size = 0x10000;
 constexpr uintptr_t stack_top = 0x80000000000;
 
 bool
-load_program(const module_program &prog, char *err_msg)
+load_program(const module_program &prog, j6_handle_t sys, char *err_msg)
 {
     if (prog.mod_flags && module_flags::no_load) {
         sprintf(err_msg, "  skipping pre-loaded program module '%s' at %lx", prog.filename, prog.base_address);
@@ -55,7 +55,7 @@ load_program(const module_program &prog, char *err_msg)
         return false;
     }
 
-    res = j6_process_give_handle(proc, __handle_sys, nullptr);
+    res = j6_process_give_handle(proc, sys, nullptr);
     if (res != j6_status_ok) {
         sprintf(err_msg, "  ** error loading program '%s': giving system handle: %lx", prog.filename, res);
         return false;