/boot/loader is right up aginst the 500k limit we have to make sure
everything works in a wide variety of environments. However, adding
WITH_BEARSSL can push it over the edge since we are so close to the
limit with it enabled. One may also need to increase LOADERSIZE when
enabling it. It's often safe to go much higher, especially when you
don't plan on using pxeldr. Document this trade off here.
Sponsored by: Netflix