Make sequence number of esp header MP-safe for IPsec Tx side. reviewed by ozaki-r@n.o

In IPsec Tx side, one Security Association can be used by multiple CPUs.
On the other hand, in IPsec Rx side, one Security Association is used
by only one CPU.

XXX pullup-{8,9}

sys/netipsec/xform_esp.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_esp.c,v 1.100 2020/06/30 04:14:55 riastradh Exp $	*/
+/*	$NetBSD: xform_esp.c,v 1.101 2020/10/05 09:51:25 knakahara Exp $	*/
 /*	$FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
 
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.100 2020/06/30 04:14:55 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.101 2020/10/05 09:51:25 knakahara Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -796,11 +796,12 @@ esp_output(struct mbuf *m, const struct ipsecrequest *isr, struct secasvar *sav,
 
 #ifdef IPSEC_DEBUG
 		/* Emulate replay attack when ipsec_replay is TRUE. */
-		if (!ipsec_replay)
+		if (ipsec_replay)
+			replay = htonl(sav->replay->count);
+		else
 #endif
-			sav->replay->count++;
+			replay = htonl(atomic_inc_32_nv(&sav->replay->count));
 
-		replay = htonl(sav->replay->count);
 		memcpy(mtod(mo,char *) + roff + sizeof(uint32_t), &replay,
 		    sizeof(uint32_t));
 	}