netmap: harden nmreq option size and overflow checks (defensive)

[SORencber]

Summary: Enforce exact per‑option body size equality; add explicit overflow guards for size arithmetic; reject invalid lengths with EINVAL. Defensive hardening; no API break.

Test Plan: malformed NIOCCTRL (oversized nro_size, invalid types) → EINVAL/ENOTTY/ENXIO; no panic; valid flows unchanged.

Risk: Low; only invalid inputs are rejected earlier.

[AdSchellevis]

hi @SORencber best open a request upstream (https://github.com/freebsd/freebsd-src / https://reviews.freebsd.org/) to avoid future breakage.

[SORencber]

Thanks for the guidance. I’ve submitted the defensive hardening upstream to FreeBSD (link to Differential on reviews.freebsd.org). Keeping this PR open until upstream is accepted, then we can align in OPNsense. No API change; single-file change in sys/dev/netmap/netmap.c

[SORencber]

Submitted upstream
FreeBSD PR: netmap: harden nmreq option size and overflow checks (defensive) freebsd/freebsd-src#1866
All CI checks passed; DCO signed. See upstream PR for details and CI results.
Once merged (and MFC’d to stable/14), we can sync/vendor-pull into OPNsense. If upstream requests tweaks, I’ll mirror the same changes here.
If desired, we can temporarily carry the patch downstream until the upstream merge lands.