TCP-AO: runtime key rotation and multi-key rollover

[lance0]

Context

Current ADR-0062 runtime support installs one static-neighbor TCP-AO key at socket creation. preferred / deprecated are parsed and retained as future rollover metadata, but live key add/delete and multi-key rollover are not implemented.

Follow-up

Implement or explicitly scope runtime TCP-AO rotation semantics.

Acceptance

• Defines how SIGHUP or API changes add/delete MKTs on the listener and active sessions.
• Defines how preferred / deprecated, send_id, and recv_id map to Linux TCP_AO_ADD_KEY, TCP_AO_DEL_KEY, and info state.
• Handles listener add/remove vs accept races explicitly.
• Includes accepted-socket inspection/observability so operators can verify which key IDs are active.
• Preserves fail-closed behavior for configured protected sessions.

[lance0]

#156 deliberately keeps TCP-AO edits restart-required. The conservative boundary is: refuse to pretend SIGHUP changed kernel TCP-AO state, since accepted-socket inheritance and listener MKT deletion/replacement aren't validated yet. This issue should resolve those two prerequisites first (kernel UAPI for live MKT deletion + accepted-socket behavior under MKT change) before any runtime rotation path lands.

[lance0]

Opened #203 as the conservative #159 prerequisite slice: TCP-AO runtime socket-info observability. It adds Linux TCP_AO_INFO inspection, logs current/RNext key IDs and counters for protected active-open and accepted passive sockets, and carries accepted-socket inspection results through the transport boundary. Live key add/delete/rotation remains intentionally deferred until the listener mutation/accept race and fail-closed rollover semantics are designed/tested.