
Add ReadOnly support for VirtioFS mounts#55

Merged
JAORMX merged 1 commit into main from support-readonly-virtiofs-mounts on Apr 7, 2026

Conversation

@JAORMX
Contributor

@JAORMX JAORMX commented Mar 30, 2026

Summary

  • Adds ReadOnly bool field to VirtioFSMount and plumbs it through the full type chain: microvm.VirtioFSMount → hypervisor.FilesystemMount → runner.VirtioFSMount → runner binary duplicate → guest boot config
  • Guest-side enforcement via MS_RDONLY mount flags in mount.Workspace()
  • Host-to-guest communication via vmconfig.Config.VirtioFSMounts (written to /etc/go-microvm.json)
  • Runner logs a warning when ReadOnly is requested but can't be enforced host-side (libkrun limitation)
  • Fixes chown-after-read-only-mount bug (would have returned EROFS on every read-only workspace)
  • Documents that enforcement is guest-side only; a compromised guest kernel could bypass it

Closes #53

Details

Why guest-side only? libkrun's krun_add_virtiofs C API has no read-only parameter. The upstream virtiofsd has a PassthroughFsRo wrapper but libkrun's vendored copy doesn't include it. An upstream PR to add host-side support would provide defense-in-depth.

Files changed (18):

  • 5 struct definitions updated with ReadOnly bool
  • 3 conversion functions updated to pass through the field
  • guest/mount/mount.go — adds MS_RDONLY flag, skips chown on read-only mounts, unmounts on chown failure
  • guest/vmconfig/vmconfig.go — new VirtioFSMountInfo type for host→guest metadata
  • microvm.go — buildVMConfig() writes read-only mount info to guest config
  • guest/boot/options.go — new WithWorkspaceReadOnly() option
  • runner/cmd/.../main.go — warning log for host-side enforcement gap

Test plan

  • task fmt — no formatting changes
  • task lint — 0 issues
  • task test-nocgo — all tests pass
  • CGO_ENABLED=0 go vet — clean
  • Integration test with actual VM (requires libkrun)

🤖 Generated with Claude Code

Plumb a ReadOnly flag through the full VirtioFSMount chain so callers
can declare host directories as read-only inside the guest. Enforcement
is guest-side via MS_RDONLY mount flags; libkrun does not yet support
host-side read-only virtiofs.

Closes #53

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@JAORMX JAORMX merged commit 1c3a161 into main Apr 7, 2026
7 checks passed
@JAORMX JAORMX deleted the support-readonly-virtiofs-mounts branch April 7, 2026 03:15
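The guest-side sequence the PR description lays out (MS_RDONLY on the mount call, chown skipped on read-only mounts, unmount when the chown fails) as an added Go example. This is not the project's mount.Workspace() code: the VirtioFSMount struct with its UID/GID owner fields, the Mounter interface, the LinuxMounter binding and the fakeMounter stand-in are all assumptions of this example, and the real syscalls are Linux-only. The pre-fix ordering is kept beside the fixed one so the EROFS the description mentions can be seen.

```go
package main

import (
	"errors"
	"fmt"
	"syscall"
)

// VirtioFSMount mirrors the mount spec the PR describes (tag, guest mount
// point, ReadOnly). UID/GID are this example's assumption: the owner the guest
// applies to a writable workspace.
type VirtioFSMount struct {
	Tag, Target string
	ReadOnly    bool
	UID, GID    int
}

// Mounter abstracts the three syscalls so the decision logic runs without root.
type Mounter interface {
	Mount(source, target, fstype string, flags uintptr, data string) error
	Unmount(target string, flags int) error
	Chown(path string, uid, gid int) error
}

// LinuxMounter is the real binding (Linux only; MS_RDONLY is a Linux flag).
type LinuxMounter struct{}

func (LinuxMounter) Mount(s, t, f string, fl uintptr, d string) error { return syscall.Mount(s, t, f, fl, d) }
func (LinuxMounter) Unmount(t string, fl int) error                   { return syscall.Unmount(t, fl) }
func (LinuxMounter) Chown(p string, uid, gid int) error               { return syscall.Chown(p, uid, gid) }

// mountFlags translates the spec into mount(2) flags: MS_RDONLY when ReadOnly.
func mountFlags(m VirtioFSMount) uintptr {
	if m.ReadOnly {
		return syscall.MS_RDONLY
	}
	return 0
}

// mountWorkspaceBuggy is the pre-fix ordering: an unconditional chown after the
// mount, so every read-only workspace fails with EROFS and stays mounted.
func mountWorkspaceBuggy(mt Mounter, m VirtioFSMount) error {
	if err := mt.Mount(m.Tag, m.Target, "virtiofs", mountFlags(m), ""); err != nil {
		return err
	}
	return mt.Chown(m.Target, m.UID, m.GID)
}

// mountWorkspace is the fixed sequence: skip chown on read-only mounts, and if
// chown fails on a writable mount, unmount again instead of leaving it half set up.
func mountWorkspace(mt Mounter, m VirtioFSMount) error {
	if err := mt.Mount(m.Tag, m.Target, "virtiofs", mountFlags(m), ""); err != nil {
		return fmt.Errorf("mount %s on %s: %w", m.Tag, m.Target, err)
	}
	if m.ReadOnly {
		return nil // nothing to chown; the kernel would answer EROFS anyway
	}
	if err := mt.Chown(m.Target, m.UID, m.GID); err != nil {
		uerr := mt.Unmount(m.Target, 0) // roll back so no half-configured workspace remains
		return fmt.Errorf("chown %s: %w (unmount: %v)", m.Target, err, uerr)
	}
	return nil
}

// fakeMounter records mounts and answers chown the way the guest kernel would:
// EROFS on a read-only mount, EPERM when failChown is set. It exists so the
// logic above can be exercised without root or a real virtiofs device.
type fakeMounter struct {
	mounted          map[string]uintptr
	chowns, unmounts int
	failChown        bool
}

func newFakeMounter() *fakeMounter { return &fakeMounter{mounted: map[string]uintptr{}} }

func (f *fakeMounter) Mount(_, target, _ string, flags uintptr, _ string) error {
	f.mounted[target] = flags
	return nil
}
func (f *fakeMounter) Unmount(target string, _ int) error {
	delete(f.mounted, target)
	f.unmounts++
	return nil
}
func (f *fakeMounter) Chown(path string, _, _ int) error {
	f.chowns++
	if f.mounted[path]&syscall.MS_RDONLY != 0 {
		return syscall.EROFS
	}
	if f.failChown {
		return syscall.EPERM
	}
	return nil
}

func main() {
	ro := VirtioFSMount{Tag: "workspace", Target: "/workspace", ReadOnly: true, UID: 1000, GID: 1000}
	err := mountWorkspaceBuggy(newFakeMounter(), ro)
	fmt.Println("buggy, read-only:", err, "is EROFS:", errors.Is(err, syscall.EROFS))
	f := newFakeMounter()
	fmt.Println("fixed, read-only:", mountWorkspace(f, ro), "chown calls:", f.chowns)
	f = newFakeMounter()
	f.failChown = true
	rw := VirtioFSMount{Tag: "workspace", Target: "/workspace", UID: 1000, GID: 1000}
	fmt.Println("fixed, chown fails:", mountWorkspace(f, rw), "still mounted:", len(f.mounted))
}
```

Swapping fakeMounter for LinuxMounter runs the same logic against the guest kernel, which requires root inside a guest that exposes the virtiofs tag. As the PR description notes, this only enforces read-only from the guest side; a guest that can remount without MS_RDONLY, or a compromised guest kernel, is not stopped by it.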

Development

Successfully merging this pull request may close these issues.

Support ReadOnly flag on VirtioFSMount