[$] Hardened usercopy whitelisting
There are many ways to attempt to subvert an operating-system kernel. One particularly effective way, if it can be arranged, is to attack the operations that copy data between user-space and kernel-space memory. If the kernel can be fooled into copying too much data back to user space, the result can be an information-disclosure vulnerability. Errors in the other direction can be even worse, overwriting kernel memory with attacker-controlled data. The kernel has gained some defenses against this sort of attack in recent development cycles, but there is more work yet to be merged.