HBSD: fix jail related DoS, see FreeBSD PR: 196474

Add boundary checking against len parameter in vfs_setopt_part(...).

PoC:
jail -m crashme -c ip4=new persist
jls

Reported-by: Thomas Bartelmess <thomas@bartelmess.io>
Signed-off-by: Oliver Pinter <oliver.pinter@hardenedbsd.org>

sys/kern/vfs_mount.c

@@ -1643,7 +1643,7 @@ vfs_setopt_part(struct vfsoptlist *opts, const char *name, void *value, int len)
 		if (opt->value == NULL)
 			opt->len = len;
 		else {
-			if (opt->len < len)
+			if (len < 0 || opt->len < len)
 				return (EINVAL);
 			opt->len = len;
 			bcopy(value, opt->value, len);