dboot should check boot archive integrity
For a variety of reasons including machine-specific firmware bugs, bootloader bugs, or simple administrative error, it is possible for the boot archive loaded from boot media to be corrupt or incomplete. It would be useful to have a mechanism by which the integrity of that archive could be quickly checked prior to booting. This mechanism should be opt-in and backward-compatible with existing valid configurations.
If more than one multiboot module is provided by the boot loader, we should treat the last as a file containing one SHA-1 hash in ASCII format for each previous module, each hash on a single line by itself and in the same order as the modules, and verify that each module as loaded matches its hash. If not, we should refuse to boot and display an error message (i.e., dboot_panic()). The contents of the hash module are already reclaimed by the kernel when discarding boot memory, so there is no change in memory consumption at runtime. Note that at present the kernel ignores modules beyond the first, and there is no expectation that multiple modules, other than the hash module, will be utilised in the future.
If there is only one multiboot module, nothing changes relative to existing behaviour.
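The check described above, as an added user-space model in Python (not dboot code and not part of the original report). The names `verify_modules`, `build_hash_module` and `BootArchiveError` are hypothetical, and the strict line count, case-insensitive hex and tolerance of trailing whitespace are assumptions the description does not specify.

```python
import hashlib
import string

HEX_DIGITS = set(string.hexdigits)
SHA1_HEX_LEN = 40  # 160-bit digest as ASCII hex


class BootArchiveError(Exception):
    """Stands in for dboot_panic(): the caller must refuse to boot."""


def build_hash_module(payloads):
    """Build-side helper (hypothetical): one SHA-1 hex line per module, in order."""
    return "".join(hashlib.sha1(p).hexdigest() + "\n" for p in payloads).encode("ascii")


def verify_modules(modules):
    """Check every module against the trailing hash module.

    Returns the number of modules verified; 0 means a single-module
    configuration, which boots unchanged.
    """
    if len(modules) <= 1:
        return 0  # opt-in: no hash module supplied, existing behaviour
    *payloads, hash_module = modules
    try:
        lines = hash_module.decode("ascii").splitlines()
    except UnicodeDecodeError:
        raise BootArchiveError("hash module is not ASCII") from None
    # Assumption: exactly one line per preceding module; extra or missing lines fail.
    if len(lines) != len(payloads):
        raise BootArchiveError(
            "hash module has %d lines for %d modules" % (len(lines), len(payloads)))
    for index, (payload, line) in enumerate(zip(payloads, lines)):
        expected = line.strip().lower()  # assumption: tolerate case and trailing spaces
        if len(expected) != SHA1_HEX_LEN or not set(expected) <= HEX_DIGITS:
            raise BootArchiveError("module %d: malformed hash line" % index)
        actual = hashlib.sha1(payload).hexdigest()
        if actual != expected:
            raise BootArchiveError(
                "module %d: expected %s, loaded image hashes to %s" % (index, expected, actual))
    return len(payloads)


if __name__ == "__main__":
    archive = b"constructed boot archive contents" * 1024  # constructed sample, not a real archive
    hashes = build_hash_module([archive])
    print("verified modules:", verify_modules([archive, hashes]))
    try:
        verify_modules([archive[:-512], hashes])  # simulate an incomplete load
    except BootArchiveError as err:
        print("refusing to boot:", err)
```

The truncated-load case at the end is the failure the report is concerned with: the loader hands over fewer bytes than were written to boot media, and the digest no longer matches.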