feat(memctx): persist kcr3 to fast-restart without a cold rescan

The cold host_bootstrap hunts the agent beacon across physical RAM and is
slow and unstable: after a restart the adapter re-scans from scratch, minutes
in which there is no address-space context to vend, though the guest is long
booted and its System DTB (kcr3) is unchanged.

Cache the kcr3 from a successful live scan in a watch-dir sibling of the slot
map (tmpfs: survives a restart, dies with the RAM file on host reboot). On
attach, re-validate the cached kcr3 against the live RAM via an O_RDONLY
context (open_ro_fd, which bypasses the beacon scan) plus a System-cr3 match,
and publish the read datum immediately when it still resolves the kernel. A
guest reboot changes the System DTB, so a stale kcr3 no longer resolves and
falls back to a cold scan: the boot-session discriminator is the kcr3 itself,
not file metadata.

The gva_write target is never taken from the cache: it is set only by a fresh
live scan, so a persisted kcr3 is a read locator only and MEMWRITE stays
fail-closed until a cold bootstrap acquires the write hold.

Persist is off unless the path is supplied (NULL keeps current behaviour).

Bump 0.3.12.

CMakeLists.txt

@@ -1,7 +1,7 @@
 cmake_minimum_required(VERSION 3.16)
 # Single source of truth for the version: CI passes -DVMSIG_VERSION=${TAG#v}, so the project
 # version (-> libvgpu-perception SONAME/.so version) and the .deb version come from one tag.
-set(VMSIG_VERSION "0.3.11" CACHE STRING "Release version (MAJOR.MINOR.PATCH); CI passes the tag")
+set(VMSIG_VERSION "0.3.12" CACHE STRING "Release version (MAJOR.MINOR.PATCH); CI passes the tag")
 project(vmsig VERSION ${VMSIG_VERSION} LANGUAGES C)
 
 set(CMAKE_C_STANDARD 17)