Avoid using 1GB mappings for the identity map that we use in the early

Avoid using 1GB mappings for the identity map that we use in the early
kernel bootstrap phase and when booting the secondary CPUs.  This avoids
accidentally mapping memory regions that should not be mapped (i.e. secure
memory) as all mapped memory can be accessed speculatively.

To allow the kernel to be loaded at arbitrary physical addresses (and
arbitrary virtual addresses in the future) make sure the code that builds
the page tables can handle mapping a block of memory that straddles a
1GB or 512GB boundary.  This involves using two pagetable pages at all
levels except the top level and changing the link_l1_pagetable function
to accept an entry count just like link_l0_pagetable already does.

ok patrick@