[kernel] Add capabilities to handles

This change finally adds capabilities to handles. Included changes:

- j6_handle_t is now again 64 bits, with the highest 8 bits being a type
  code, and the next highest 24 bits being the capability mask, so that
  programs can check type/caps without calling the kernel.
- The definitions grammar now includes a `capabilities [ ]` section on
  objects, to list what capabilities are relevant.
- j6/caps.h is auto-generated from object capability lists
- init_libj6 again sets __handle_self and __handle_sys, this is a bit
  of a hack.
- A new syscall, j6_handle_list, will return the list of existing
  handles owned by the calling process.
- syscall_verify.cpp.cog now actually checks that the needed
  capabilities exist on handles before allowing the call.

definitions/objects/endpoint.def

@@ -4,18 +4,23 @@
 object endpoint : kobject {
     uid c5882f24a4c03b7e
 
+    capabilities [
+        send
+        receive
+    ]
+
     method create [constructor]
 
     # Send a message on a channel. Blocks until the message
     # is received.
-    method send {
+    method send [cap:send] {
         param tag uint64
         param data buffer
     }
 
     # Receieve a message on a channel. Blocks until a message
     # is available.
-    method receive {
+    method receive [cap:receive] {
         param tag uint64 [out]
         param data buffer [out optional]
         param timeout uint64    # Receive timeout in nanoseconds
@@ -24,7 +29,7 @@ object endpoint : kobject {
     # Send a message on a channel and then await a new message.
     # Equivalent to calling send and then recieve, as a single
     # operation.
-    method sendrecv {
+    method sendrecv [cap:send cap:receive] {
         param tag uint64 [inout]
         param data buffer [inout]
         param timeout uint64      # Receive timeout in nanoseconds