Refactor dbuf_read() for safer decryption

In dbuf_read_verify_dnode_crypt():

• We don't need original dbuf locked there. Instead take a lock

on a dnode dbuf, that is actually manipulated.

• Block decryption for a dnode dbuf if it is currently being

written. ARC hash lock does not protect anonymous buffers, so
arc_untransform() is unsafe when used on buffers being written,
that may happen in case of encrypted dnode buffers, since they
are not copied by dbuf_dirty()/dbuf_hold_copy().

In dbuf_read():

• If the buffer is in flight, recheck its compression/encryption

status after it is cached, since it may need arc_untransform().

Tested-by: Rich Ercolani <rincebrain@gmail.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Alexander Motin <mav@FreeBSD.org>
Sponsored by: iXsystems, Inc.
Closes #16104