kern_malloc: Restore working KASAN runtime after free() and zfree() folding

In the zfree() case, the explicit_bzero() calls zero all the allocation,
including the redzone which malloc() has marked as invalid.  So calling
kasan_mark() before those is in fact necessary.

This fixes a crash at boot when 'ldconfig' is run and tries to get
random bytes through getrandom() (relevant part of the stack is
read_random_uio() -> zfree() -> explicit_bzero()) for kernels with KASAN
compiled in.

Approved by:    markj (mentor)
Fixes:		4fab5f0054 ("kern_malloc: fold free and zfree together into one __always_inline func")
MFC after:      10 days
MFC with:       4fab5f0054
Sponsored by:   The FreeBSD Foundation

sys/kern/kern_malloc.c

@@ -940,14 +940,18 @@ _free(void *addr, struct malloc_type *mtp, bool dozero)
 #if defined(INVARIANTS) && !defined(KASAN)
 		free_save_type(addr, mtp, size);
 #endif
-		if (dozero)
+		if (dozero) {
+			kasan_mark(addr, size, size, 0);
 			explicit_bzero(addr, size);
+		}
 		uma_zfree_arg(zone, addr, slab);
 		break;
 	case SLAB_COOKIE_MALLOC_LARGE:
 		size = malloc_large_size(slab);
-		if (dozero)
+		if (dozero) {
+			kasan_mark(addr, size, size, 0);
 			explicit_bzero(addr, size);
+		}
 		free_large(addr, size);
 		break;
 	case SLAB_COOKIE_CONTIG_MALLOC: