Add P2 daemon hardening patches and wire into base recipe

215 fixes across 33 Rust source files replacing unwrap/expect/panic
with graceful error handling in init, all boot-critical daemons,
and the six graphics driver packages. Fixes inverted scheduler
conditions_met() logic that prevented rootfs from mounting.

local/patches/base/P2-daemon-ready-graceful.patch

@@ -0,0 +1,27 @@
+diff --git a/daemon/src/lib.rs b/daemon/src/lib.rs
+--- a/daemon/src/lib.rs
++++ b/daemon/src/lib.rs
+@@ -52,7 +52,11 @@
+ 
+     /// Notify the process that the daemon is ready to accept requests.
+     pub fn ready(mut self) {
+-        self.write_pipe.write_all(&[0]).unwrap();
++        if let Err(err) = self.write_pipe.write_all(&[0]) {
++            if err.kind() != io::ErrorKind::BrokenPipe {
++                eprintln!("daemon::ready write failed: {err}");
++            }
++        }
+     }
+ 
+     /// Executes `Command` as a child process.
+diff --git a/randd/src/main.rs b/randd/src/main.rs
+--- a/randd/src/main.rs
++++ b/randd/src/main.rs
+@@ -83,7 +83,7 @@
+     } // TODO integrate alternative entropy sources
+     if !have_seeded {
+-        println!("randd: Seeding failed, no entropy source.  Random numbers on this platform are NOT SECURE");
++        eprintln!("randd: no hardware entropy source, random numbers are NOT SECURE");
+     }
+     rng
+ }

recipes/core/base/P2-daemon-hardening.patch

@@ -0,0 +1 @@
+../../../local/patches/base/P2-daemon-hardening.patch

recipes/core/base/P2-daemon-ready-graceful.patch

@@ -0,0 +1 @@
+../../../local/patches/base/P2-daemon-ready-graceful.patch

recipes/core/base/recipe.toml

@@ -1,7 +1,7 @@
 [source]
 git = "https://gitlab.redox-os.org/redox-os/base.git"
 rev = "463f76b9608a896e6f6c9f63457f57f6409873c7"
-patches = ["redox.patch", "P2-boot-runtime-fixes.patch", "P2-acpi-i2c-resources.patch"]
+patches = ["redox.patch", "P2-boot-runtime-fixes.patch", "P2-acpi-i2c-resources.patch", "P2-daemon-ready-graceful.patch", "P2-daemon-hardening.patch"]
 
 [build]
 template = "custom"