mount/VFS: make diskfs non-destructive; fix error propagation and syscall safety

mount/VFS: make diskfs non-destructive; fix error propagation and syscall safety

Patch 1 (CRITICAL): diskfs_super_load now returns -ENODEV on bad
magic and -EINVAL on unknown version instead of auto-formatting.
Added diskfs_format() as explicit separate function.  diskfs_create_root
preserves auto-format for blank disks (boot/battery test), but
autodetect probing uses new diskfs_probe() which is non-destructive.

Patch 2: Autodetect order changed from {diskfs,fat,ext2} to
{ext2,fat,diskfs}.  diskfs_probe() checked before diskfs_create_root
in autodetect path, preventing corruption of FAT/ext2 disks.

Patch 3: init_mount_fs returns negative errno (-EINVAL, -ENODEV)
instead of -1.  sys_mount passes through rc directly instead of
converting all errors to -EIO.

Patch 4: fulltest sys_mount wrapper now passes flags=0 as 4th
argument via esi register, preventing garbage MS_REMOUNT bits.

Patch 5: vfs_mount_nolock_full reordered to check existing entry
(remount) before table-full check, preventing -ENOSPC on remount.
All strncpy calls now have explicit NUL-termination.

Patch 6: mount userland requires -t fstype (no more diskfs default),
warns on unknown -o options.

Patch 7: Added copy_user_cstr() helper for byte-by-byte C-string
copy from userspace with -ENAMETOOLONG on overflow.  Replaces
fixed-size copy_from_user for mount syscall strings.