Core firmware split

[cepetr]

This PR introduces a significant conceptual change to our Trezor firmware. It divides the firmware into two parts: a privileged and an unprivileged section. We refer to these as the kernel and the coreapp.

The kernel includes all hardware drivers, storage management, and necessary cryptographic functions. It operates in privileged mode, providing interfaces to the less trusted coreapp via approximately 100 syscalls.

The coreapp contains the MicroPython core, MicroPython applications, and the Rust-based UI. It runs entirely in unprivileged mode, with no direct access to hardware, except for DMA2D in its current implementation.

Kernel and coreapp are built as two separate applications but eventually glued together by build scripts as a single binary. So you can make firmware as before with no change at the first glance.

Benefits:

1. Enhanced security by separating the trusted kernel from the untrusted coreapp.
2. Enhanced security by enabling access to specific memory regions (storage, OTP, secrets) only on demand, reducing the risk of random overwrites).
3. Improved maintainability, with a clearer separation of concerns between hardware-level operations and application logic.

Known issues:

1. Syscall arguments are currently not verified.
2. TrustZone settings need to be updated to reflect the new architecture.

These issues need to be resolved soon, but they do not have a significant impact on security at the moment, as they have not been addressed in the firmware until now.

This PR brings also a lot of changes and improvements to drivers code:

1. Improved display driver API (preparation for init/deinit sequence)
2. Refactored interrupt handling routines API, reduced number of used priorities.
3. New systick driver that offer more precise time measurement.
4. New systimer for scheduling timer callbacks for background operations.
5. New i2c_bus driver, enabling non-blocking i2c operations
6. New mpu driver for region banking, that overcomes cortex-m cpu limitations.
7. New systask module, which allows manuall switching between privileged and unprivileged tasks
8. New system module with more reliable error handling (emergency mode)
9. Completely refactored and simplified linker scripts and startup codes.

[TychoVrahe]

First part of the review, focusing mainly on drivers up to introduction of non-blocking i2c driver, of which the review is not yet complete.

[TychoVrahe]

some more stuff related to drivers part, up to and excluding the new mpu driver.

[TychoVrahe]

some more issues/questions related to the last part - mpu, split and tasks+etc.