Various improvements to interactions with user-provided handles

[OneBlue]

Summary of the Pull Request

This change brings improvements to the way the service deals with user handles.

1. Keep a list of "in progress" user handles, so we can cancel any stuck IO when the session terminates
2. Reduce the permissions of duplicated handles to and from user processes

PR Checklist

• Closes: Link to issue #xxx
• Communication: I've discussed this with core contributors already. If work hasn't been agreed, this work might be rejected
• Tests: Added/updated if needed and all pass
• Localization: All end user facing strings can be localized
• Dev docs: Added/updated if needed
• Documentation updated: If checked, please file a pull request on our docs repo and link it here: #xxx

Detailed Description of the Pull Request / Additional comments

Validation Steps Performed

[Copilot]

Pull request overview

This PR improves WSLA service handling of user-provided handles by (1) attempting to unblock session termination when operations are using user handles, and (2) reducing access rights when duplicating handles between the service and client processes.

Changes:

• Add UserHandle RAII + session tracking of in-flight user handles, and invoke cancellation during WSLASession::Terminate().
• Reduce access rights on duplicated handles (both from caller → service and service → caller) to least-needed flags.
• Add a WSLA test intended to validate cancellation/unblocking behavior for synchronous I/O scenarios.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
test/windows/WSLATests.cpp	Adds a new test covering session termination while a user-handle I/O operation is blocked.
src/windows/wslasession/WSLASession.h	Introduces UserHandle and per-session tracking of user handles undergoing I/O.
src/windows/wslasession/WSLASession.cpp	Implements UserHandle, OpenUserHandle/ReleaseUserHandle, and termination-time cancellation logic; updates call sites to use reduced-access user handle duplication.
src/windows/wslasession/WSLAContainer.cpp	Reduces access when duplicating stdin/stdout/stderr/tty handles back to the client; uses OpenUserHandle for export output.
src/windows/common/wslutil.h	Extends DuplicateHandleFromCallingProcess to accept an optional desired access mask.
src/windows/common/wslutil.cpp	Implements the desired-access behavior for DuplicateHandleFromCallingProcess.

[Copilot]

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.

Comments suppressed due to low confidence (1)

src/windows/wslasession/WSLASession.cpp:639

• OpenUserHandle is now called from ImportImageImpl/SaveImageImpl, but ImportImage/LoadImage/SaveImage hold m_lock (shared) while calling these helpers. Terminate now takes m_userHandlesLock and then later takes m_lock exclusively; that creates a lock-order inversion (m_lock -> m_userHandlesLock in Import/Save vs m_userHandlesLock -> m_lock in Terminate) and can deadlock during session termination. Consider moving OpenUserHandle calls out of the code paths that execute under m_lock (e.g., open the user handle before acquiring m_lock, or release/reset m_lock before running the long I/O/relay portion, similar to WSLAContainerImpl::Export).

    auto lock = m_lock.lock_shared();

    THROW_HR_IF(HRESULT_FROM_WIN32(ERROR_INVALID_STATE), !m_dockerClient.has_value());

    auto requestContext = m_dockerClient->ImportImage(repo, tag.value(), ContentSize);

    ImportImageImpl(*requestContext, ImageHandle);
    return S_OK;
}
CATCH_RETURN();

void WSLASession::ImportImageImpl(DockerHTTPClient::HTTPRequestContext& Request, ULONG InputHandle)
{
    auto userHandle = OpenUserHandle(InputHandle, GENERIC_READ | SYNCHRONIZE);

    THROW_HR_IF(HRESULT_FROM_WIN32(ERROR_INVALID_STATE), !m_dockerClient.has_value());

    auto io = CreateIOContext();