Replace iopl with either empty or full PIO bitmap.

IOPL is useful for granting port IO access to userspace, without sacrificing context switch performance, but allows userspace to disable interrupts. This MR puts a zeroed (full access) 8192-byte bitmap in each KPCR, where access is controlled by setting the iomap base to either 0xFFFF (outside the TSS, so "disabled"), or the bitmap offset.

Since only rings 0 and 3 are used, and EFLAGS.IOPL along with EFLAGS.IF (provided IOPL < 3) are the only flags that userspace can't modify, this will allow the kernel to set IOPL to 0-2 and thus store up to 3 states directly in EFLAGS. That could for example be used to remember whether the current process is being traced, which can be checked extremely cheaply in the syscall asm, in order to divide that function into a fast and slow path.