The kernel's veriexec manifest parser behaves differently from the
loader's in two ways: It does not honor "no_hash", and it does not
handle compressed entries. The kernel emits "Failed to parse entry"
messages during boot, even though the entry is well formed and works
in the loader. Fix these compatibility issues to silence the
messages.
If an entry is marked "no_hash", ignore it, as the loader does.
If the file referenced by an entry doesn't exist, but the same file
name plus a ".gz" extension does exist, ignore the entry. The
loader handles these in a more useful way, but kldload cannot load
compressed kernel modules, so just silence the warning message. If
kldload ever grows support for compressed modules, we will need to
revisit this.