debug: create debug_tcb_t struct

Special debug variables that were previously stored at the end of the
tcb_t struct often cause the struct to get too large for the power-of-2
sized untyped object definition. This change moves these variables into
a new structure named debug_tcb_t that is located between the TCB CNode
and the tcb_t struct within a tcb kernel object. Because tcb_t needs to
be stored on a power-of-2 aligned boundary and the TCB CNode only
contains < 5 slots, there is easily > 512 bytes of unused data in every
tcb object. The kernel verification needs to be sure that objects don't
overlap in memory and so this space can't be easily used in a release
build at the moment, but for debug configurations using it shouldn't be
an issue.

Signed-off-by: Kent McLeod <Kent.Mcleod@data61.csiro.au>

mcs: allow replyGrant for fault handlers

The MCS kernel so far insisted on full grant rights for fault handler
caps, but replyGrant is sufficient and consistent with the default
kernel config.

Convert license tags to SPDX identifiers

This commit also converts our own copyright headers to directly use
SPDX, but leaves all other copyright header intact, only adding the
SPDX ident. As far as possible this commit also merges multiple
Data61 copyright statements/headers into one for consistency.

mcs: only donate on fault if the faulter has an SC

Fix bug found by Corey during verification

mcs: timeout exceptions

- Add seL4_TCB_SetTimeoutEndpoint
- implement timeout exceptions

mcs: install fault endpoint into tcb cnode

- seL4_TCB_Configure no longer takes a fault endpoint.
- seL4_TCB_SetSpace takes a cap in the callers cspace for the
fault endpoint, not the target tcbs.
- seL4_TCB_SetSchedParams now also takes a fault endpoint as above.

This change installs the fault endpoint cap into the tcb cnode
first validating it.

This means either of the functions that set it will now return an error
if the cap is not either a null cap or an endpoint with send and
grant rights.

Significantly, the cap passed to the function should be in the callers
cspace, not the target tcbs.

mcs: scheduling context donation over ipc

After this commit, threads blocked on an endpoint can recieve a
scheduling context from the thread that wakes the blocked thread.

style: set min-conditional-indent to 0

Given we use braces all the time conditional indents do not make code
cleaner.

style: consistently attach return type

Add attach-return-type to astyle

style: consistently align pointer with name

Run astyle with align-pointer=name

SELFOUR-6: Add GrantReply to the rights system.

GrantReply is a new access right added to endpoint capabilities, which
allows seL4_Call to be used on those capabilities (specifically, it
allows reply caps *only* to be granted across endpoints).

Prior to the addition of GrantReply, endpoint capabilities required the
Grant access right, which allowed any arbitrary capabilitiy to be
transferred over an endpoint. Using GrantReply, systems can now be
constructed where threads using seL4_Call over an endpoint do not need to be in the same
security subsystem.

Fix output bug in faults from the debug kernel

Variables output by printf in fault messages were truncated to 32-bit.

Remove irrelavant changes from riscv commit to non riscv arch code

[SELFOUR-1156] RISC-V Port

Experimental release that supports both RV32 and RV64

SELFOUR-413: refactor libsel4 fault API

This is a *breaking API change*

This commit:

* makes seL4_Fault_tag_t common between the kernel and libsel4
* deprecates the existing functions from sel4/messages.h includes
* introduces a new fault API in sel4/faults.h and
* sel4/sel4_arch/faults.h
* deprecates seL4_GetTag(), as the function did not work without
the user calling seL4_SetTag() first (seL4_MessageInfo is passed
in registers and not set in the IPC buffer)
* removes previously deprecated functions (deprecated prior to 3.0.0)
* updates the seL4 manual to reflect the changes

SELFOUR-566: Decouble seL4_DebugNameThread from CONFIG_PRINTING

SELFOUR-449 Implement user stack trace on double fault

Correct separation of printing and debug builds

Fixes some build issues with 541289a32603cee8242b5360b05e8f0c52795433
as well as further allowing debugging (via the capdl interface) to
happen when printing is turned off.

Change casting from int->long to be compatible with both 32 and 64 bit compilations

Add ability to set a human readable thread name when running kernel in debug mode

Release snapshot