hpt27xx: plug info leak in hpt_ioctl

The hpt27xx ioctl handler allocates a buffer without M_ZERO and calls
hpt_do_ioctl(), which might not overwrite the entire buffer.

Also zero bytesReturned in case it is not written by hpt_do_ioctl().

The hpt27xx device has permissions only for root so this is not urgent,
and the fix can be MFCd and considered for a future EN.

Reported by: Ilja van Sprundel <ivansprundel@ioactive.com>
Submitted by: Domagoj Stolfa <domagoj.stolfa@gmail.com> (M_ZERO)
Reviewed by: jhb, kib
MFC after: 3 days
Security: info leak in root-only ioctl
Sponsored by: The FreeBSD Foundation