
ktls: Fix races that can lead to double initialization
ClosedPublic

Authored by markj on Jun 21 2024, 4:48 PM.

Details

Summary

ktls_enable_rx() and ktls_enable_tx() have checks to return EALREADY if
the socket already has KTLS enabled. However, these are done without
any locks held and nothing blocks concurrent attempts to set the socket
option. I believe the worst outcome of the race is leaked memory.

Fix the problem by rechecking under the sockbuf lock. While here,
unify the locking protocol for sb_tls_info: require both the sockbuf and
socket I/O locks in order to enable KTLS. This means that either lock
is sufficient for checking whether KTLS is enabled in a given sockbuf,
which simplifies some refactoring further down the road.

Note that the SOLISTENING() check can go away because
SOCK_IO_RECV_LOCK() atomically locks the socket buffer and checks
whether the socket is a listening socket. This changes the errno value,
so update a test which checks it.
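The check-then-act race described in the summary, replayed deterministically in a userspace model. This is an added example, not code from this revision or from the FreeBSD tree: every identifier is hypothetical, an `atomic_flag` spinlock stands in for the sockbuf lock, and allocating the session before taking the lock is an assumption of the model.

```c
#include <errno.h>
#include <stdatomic.h>
#include <stdlib.h>

/* Userspace model only; all names are hypothetical, not kernel identifiers. */
struct sock_model {
    atomic_flag lock;   /* stands in for the sockbuf lock */
    void *tls_info;     /* stands in for sb_tls_info */
    int live;           /* sessions allocated and not yet freed */
};
static void sb_lock(struct sock_model *s) { while (atomic_flag_test_and_set(&s->lock)) ; }
static void sb_unlock(struct sock_model *s) { atomic_flag_clear(&s->lock); }
static void *session_alloc(struct sock_model *s) { s->live++; return malloc(64); }

/* The early check, done with no lock held, as in the pre-fix code path. */
int unlocked_check(struct sock_model *s) { return s->tls_info != NULL ? EALREADY : 0; }

/* Before: the install step trusts the earlier unlocked check. */
int install_racy(struct sock_model *s) {
    void *tls = session_alloc(s);
    sb_lock(s);
    s->tls_info = tls;          /* overwrites a concurrent winner's session: leak */
    sb_unlock(s);
    return 0;
}
/* After: recheck under the lock and discard our session if another caller won. */
int install_rechecked(struct sock_model *s) {
    void *tls = session_alloc(s);
    sb_lock(s);
    if (s->tls_info != NULL) {
        sb_unlock(s);
        s->live--;
        free(tls);
        return EALREADY;
    }
    s->tls_info = tls;
    sb_unlock(s);
    return 0;
}
/* Replay the bad interleaving: both callers pass the unlocked check, then both
 * install. Returns the number of leaked sessions (one install is legitimate). */
int replay(int (*install)(struct sock_model *), int *second_rc) {
    struct sock_model s = { ATOMIC_FLAG_INIT, NULL, 0 };
    if (unlocked_check(&s) != 0 || unlocked_check(&s) != 0) return -1;
    install(&s);
    *second_rc = install(&s);
    free(s.tls_info);           /* release the session that stayed installed */
    return s.live - 1;
}
int main(void) {
    int rc;
    return !(replay(install_racy, &rc) == 1 && replay(install_rechecked, &rc) == 0 && rc == EALREADY);
}
```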

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 58283
Build 55171: arc lint + arc unit