
Mount flags for VM directory share disks are not passed to lxd-agent when hotplugged

Open tomponline opened this issue 7 months ago • 0 comments

The resulting mount flags (such as ro) used for directory pass-through disks are different depending on whether the disk is hotplugged or available at start time.

lxc init ubuntu-minimal:24.04 v1 -d root,size=5GiB --vm

# Add disk device before VM is started.
lxc config device add v1 foo disk source=/foo path=/mnt readonly=true
lxc start v1
lxc exec v1 -- mount | grep foo
lxd_foo on /mnt type virtiofs (ro,relatime) # `ro` flag is added due to `readonly=true` in device config.

# Add disk whilst VM is running (hotplug).
lxc config device remove v1 foo
lxc exec v1 -- umount /mnt
lxc config device add v1 foo disk source=/foo path=/mnt readonly=true
lxc exec v1 -- mount | grep foo
lxd_foo on /mnt type virtiofs (rw,relatime) # `ro` flag is *not* added even though `readonly=true` in device config.

This is not a security issue because LXD still enforces the read-only nature of the disk on the host side:

lxc exec v1 -- touch /mnt/foo
touch: cannot touch '/mnt/foo': Read-only file system

But it would be nice to be consistent, and in the future we may want to support other mount flags that will need to be passed both at start time and hotplug time.

tomponline, Jun 28 '24 07:06
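A guest-side consistency check for the behaviour reported above, as an added example that is not part of the original issue or of LXD: it parses `mount` output and reports when a virtiofs share's `ro` option disagrees with the device's `readonly` setting. The function names and the ext4 line are assumptions; the two `lxd_foo` lines are the outputs quoted in the issue.

```shell
#!/bin/sh
# Added example (not LXD code): compare a disk device's readonly setting
# with the options the guest actually mounted the virtiofs share with.
# Live inputs would come from commands like the ones in the issue:
#   lxc config device get v1 foo readonly
#   lxc exec v1 -- mount

# mount_opts MOUNT_OUTPUT MOUNTPOINT
# Print the option list of the virtiofs mount at MOUNTPOINT, if any.
# Assumes the mount point contains no spaces.
mount_opts() {
    printf '%s\n' "$1" | awk -v mp="$2" '
        $2 == "on" && $3 == mp && $4 == "type" && $5 == "virtiofs" {
            opts = $6
            gsub(/[()]/, "", opts)
            found = opts    # last match wins: it shadows earlier mounts
        }
        END { if (found != "") print found }'
}

# readonly_state READONLY_CONFIG MOUNT_OUTPUT MOUNTPOINT
# Print "consistent", "drift" or "not-mounted".
readonly_state() {
    # An unset or empty readonly key is treated as false.
    if [ "$1" = "true" ]; then expected=true; else expected=false; fi
    opts=$(mount_opts "$2" "$3")
    if [ -z "$opts" ]; then echo "not-mounted"; return 0; fi
    # Match "ro" as a whole option, not as a substring of another option.
    case ",$opts," in
        *,ro,*) actual=true ;;
        *)      actual=false ;;
    esac
    if [ "$expected" = "$actual" ]; then echo "consistent"; else echo "drift"; fi
}

# The lxd_foo lines are the outputs quoted in the issue; the ext4 line is
# a constructed, unrelated mount that the parser has to skip.
AT_START='/dev/sda1 on / type ext4 (rw,relatime,errors=remount-ro)
lxd_foo on /mnt type virtiofs (ro,relatime)'
HOTPLUG='/dev/sda1 on / type ext4 (rw,relatime,errors=remount-ro)
lxd_foo on /mnt type virtiofs (rw,relatime)'

echo "start-time: $(readonly_state true "$AT_START" /mnt)"
echo "hotplug:    $(readonly_state true "$HOTPLUG" /mnt)"
```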