Change IPsec default policy to be allocated on module initialization,
instead of using static variable. Since each security policy can be
cached in PCB, static variable becomes invalid after module unload.
When module is loaded again, the cache will be invalidated, and this
leads to access to invalid memory. Now default security policy is
allocated on module initialization like all another policies. And
such policies will be kept until last reference isn't released on
next cache invalidation.

Also modify corresponding sysctl variables to be SYSCTL_PROC.