
[NTOS:CM] Implement registry validation checks & registry healing

Status: Open. GeoB99 opened this issue 3 years ago · 2 comments

!!!WORK IN PROGRESS, STAY TUNED FOR UPDATES!!!

CmCheckRegistry is a vital kernel routine that provides the brains and heart mechanism of registry validation, namely the CM hive, the hive and corresponding bins and cells and whatnot. CmCheckRegistry comes into action when logs have been replayed and more specifically when certain actions have occurred such as hive initialization, key flushing, key saving, key restoring and whatnot.

CmCheckRegistry is an essential routine that provides the bulk of registry healing and is one piece of the puzzle among others to achieve that. This routine works depending on a bit flag that is passed to the Flags parameter. The flags are:

  • CM_CHECK_REGISTRY_DONT_PURGE_VOLATILES -- Don't do any volatile purges
  • CM_CHECK_REGISTRY_PURGE_VOLATILES -- Purge out volatile information data from a registry hive, on-demand
  • CM_CHECK_REGISTRY_BOOTLOADER_PURGE_VOLATILES -- Purge out bootloader-related volatile data, whatever that is
  • CM_CHECK_REGISTRY_VALIDATE_HIVE -- Perform hive validation checks and thorough analysis of the hive's bins and cells; HvValidateHive will be triggered in this case

CmCheckRegistry performs the following actions in this strict order:

  • Validate the hive if requested by submitting the CM_CHECK_REGISTRY_VALIDATE_HIVE flag; from there each bin's internal structure header is validated for correctness (non-corrupt), size and whether it's mapped, and it is checked that cell sizes and cell pointers make sense, etc.
  • Validate and analyze the security descriptor of each hive block, in accordance with the requirements imposed by the Security subsystem (aka Se) with the RtlValidSecurityDescriptor routine. A security descriptor that went to shit will be reported as such and security information will be defaulted accordingly. From there, security caching comes into play.
  • Perform deep recursive registry checking, the key is also validated. Lexicographical order is also validated.

TODO

For the last point, apparently there's quite some stuff in our kernel's Configuration Manager that is a stub or barely implemented at all, namely map view of hives and security caching support and stuff. All of this further work has to be shipped separately in different PRs.

  • [x] Implement HvValidateHive
  • [x] Implement HvValidateBin
  • ~~[ ] Implement security descriptor validation~~ (to be implemented on a separate PR in the future)
  • [x] Implement deep checking of the registry
  • [x] Implement key validation, value lists, lexicographical order, etc
  • [x] Implement registry self healing (CmSelfHeal and CmpBootType switch indicators)
  • [ ] Implement bootloader hive healing & recovery
  • [ ] Implement log transaction & other necessary code
  • [x] Fix registry lazy flushing
  • [ ] Do more investigation into missing implementations in the Configuration Manager that prevent further progress on the implementation of registry checking itself

JIRA Issues: CORE-9195, CORE-6762, CORE-18303

GeoB99, Jul 03 '22 13:07
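The bin and cell checks the issue attributes to HvValidateHive/HvValidateBin (header signature, self-reported offset, block-aligned size, cells that tile the bin exactly) can be illustrated with a small stand-alone validator. The following is an added example written for this page; it is not ReactOS code and does not mirror the NTOS:CM implementation. It assumes the publicly documented regf layout (a 32-byte `hbin` header, 4 KiB-aligned bins, signed 8-byte-aligned cell sizes where a negative size marks an allocated cell) and constructs its own synthetic bins as test data; `build_bin`, `with_cell_size`, `validate_bin` and `validate_bins_region` are names chosen here, not kernel routines.

```python
import struct

# Layout constants from the documented regf hive format (assumption: these match
# the HBLOCK_SIZE and HBIN header the kernel uses; illustrative code, not NTOS:CM).
HBLOCK_SIZE = 4096        # every bin is a whole number of 4 KiB blocks
HBIN_HEADER_SIZE = 32     # 'hbin' header that precedes the cells of a bin
HBIN_SIGNATURE = b"hbin"
CELL_ALIGNMENT = 8        # cell sizes are multiples of 8; the sign marks allocation


def build_bin(file_offset, cell_sizes, bin_size=HBLOCK_SIZE):
    """Construct a synthetic bin (constructed test data, not a real hive).

    Cell sizes follow the regf convention: negative = allocated, positive = free.
    Whatever space is left after the requested cells becomes one trailing free cell.
    """
    body = bytearray()
    for cell_size in cell_sizes:
        body += struct.pack("<i", cell_size) + b"\x00" * (abs(cell_size) - 4)
    remainder = bin_size - HBIN_HEADER_SIZE - len(body)
    if remainder:
        body += struct.pack("<i", remainder) + b"\x00" * (remainder - 4)
    header = struct.pack("<4sII", HBIN_SIGNATURE, file_offset, bin_size) + b"\x00" * 20
    return bytes(header + body)


def with_cell_size(data, cell_offset, new_size):
    """Return a copy of a bin with one cell's size field overwritten (models corruption)."""
    patched = bytearray(data)
    struct.pack_into("<i", patched, cell_offset, new_size)
    return bytes(patched)


def validate_bin(data, expected_offset):
    """Check one bin: header fields first, then walk the cells.

    Returns (ok, reason). The walk cannot loop forever because a zero-size cell is
    rejected before the position is advanced, and an oversized cell is rejected
    before it can be followed out of the buffer.
    """
    if len(data) < HBIN_HEADER_SIZE:
        return False, "bin shorter than its header"
    signature, file_offset, size = struct.unpack_from("<4sII", data, 0)
    if signature != HBIN_SIGNATURE:
        return False, "bad bin signature"
    if file_offset != expected_offset:
        return False, f"bin reports offset {file_offset}, expected {expected_offset}"
    if size == 0 or size % HBLOCK_SIZE:
        return False, "bin size is not a multiple of HBLOCK_SIZE"
    if size != len(data):
        return False, "bin size does not match the mapped buffer"
    pos, cells = HBIN_HEADER_SIZE, 0
    while pos < size:
        if size - pos < 4:
            return False, f"truncated cell header at {pos}"
        (cell_size,) = struct.unpack_from("<i", data, pos)
        length = abs(cell_size)
        if length == 0:
            return False, f"zero-size cell at {pos}"
        if length % CELL_ALIGNMENT:
            return False, f"misaligned cell at {pos}"
        if pos + length > size:
            return False, f"cell at {pos} overruns the bin"
        pos += length
        cells += 1
    return True, f"{cells} cells"


def validate_bins_region(region):
    """Walk a hive's bins region (everything after the base block) bin by bin.

    Each bin must report the offset at which it was actually found. Returns a list
    of (offset, ok, reason); the walk stops at the first bad bin.
    """
    pos, results = 0, []
    while pos < len(region):
        if len(region) - pos < HBIN_HEADER_SIZE:
            results.append((pos, False, "truncated bin"))
            break
        (size,) = struct.unpack_from("<I", region, pos + 8)
        if size == 0 or pos + size > len(region):
            results.append((pos, False, "bin size overruns the region"))
            break
        ok, reason = validate_bin(region[pos:pos + size], pos)
        results.append((pos, ok, reason))
        if not ok:
            break
        pos += size
    return results


if __name__ == "__main__":
    good = build_bin(0, [-32, -64, -128])
    print(validate_bin(good, 0))
    print(validate_bin(with_cell_size(good, 64, 0), 0))
    print(validate_bins_region(good + build_bin(HBLOCK_SIZE, [-64])))
```

The order of checks matters: header fields are verified before any cell size is trusted, so a bin whose size field disagrees with the mapped length is rejected without the walker ever reading past the buffer. Corrupting a single cell's size field (zero, misaligned, or larger than the bin) is enough to fail the bin, which is the condition under which the self-healing path described in the issue would have to replace or drop the bin.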