Kernel: Enforce W^X more strictly (like PaX MPROTECT)

This patch adds enforcement of two new rules:

- Memory that was previously writable cannot become executable
- Memory that was previously executable cannot become writable

Unfortunately we have to make an exception for text relocations in the
dynamic loader. Since those necessitate writing into a private copy
of library code, we allow programs to transition from RW to RX under
very specific conditions. See the implementation of sys$mprotect()'s
should_make_executable_exception_for_dynamic_loader() for details.

Kernel/VM/Region.cpp

@@ -44,7 +44,7 @@ Region::Region(const Range& range, NonnullRefPtr<VMObject> vmobject, size_t offs
     , m_offset_in_vmobject(offset_in_vmobject)
     , m_vmobject(move(vmobject))
     , m_name(name)
-    , m_access(access)
+    , m_access(access | ((access & 0x7) << 4))
     , m_shared(shared)
     , m_cacheable(cacheable)
     , m_kernel(kernel)