FFS extattr: fix handling of the tail
There are three issues with change that stopped truncating ea area before
write, and resulted in possible zero tail in the ea area:
- Truncate to zero checked i_ea_len after the reference was dropped, making the last drop effectively truncate to zero length always.
- Loop to fill uio for zeroing specified too large length, that triggered assert in normal situation.
- Integrity check could trip over the tail, instead we must allow partial header or header with zero length, and clamp ea image in memory at it.
Reported by: arichardson
Tested by: arichardson, pho
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D28999