Windows doesn't reconcile "hostNetwork" Pod after agent is restarted

[wenyingd]

Describe the bug

On Windows, a host-network Pod also uses Pod network as long as it is not configured with hostProcess. So antrea-agent receives the CmdAdd request when such a Pod is created. But antrea-agent may not reconcile such Pods after agent is restarted because of this code https://github.com/antrea-io/antrea/blob/main/pkg/agent/cniserver/pod_configuration.go#L449 . It may cause antrea-agent removes the Pod's OVS interface by mistake after agent is restarted.

kubelet has the below logic to set host-process as true if the Pod is using hostNetwork and all containers in it use hostProcess,

// If all of the containers in a pod are HostProcess containers, set the pod's HostProcess field
// explicitly because the container runtime requires this information at sandbox creation time.
if kubecontainer.HasWindowsHostProcessContainer(pod) {
    // At present Windows all containers in a Windows pod must be HostProcess containers
    // and HostNetwork is required to be set.
    if !kubecontainer.AllContainersAreWindowsHostProcess(pod) {
       return nil, fmt.Errorf("pod must not contain both HostProcess and non-HostProcess containers")
    }

    if !kubecontainer.IsHostNetworkPod(pod) {
       return nil, fmt.Errorf("hostNetwork is required if Pod contains HostProcess containers")
    }

    wc.SecurityContext.HostProcess = true
}

And with containerd, it calls CNI with cmdAdd request only if !hostNetwork(config), and hostNetwork is decided by the field spec.securityContext.windowsOptions.hostProcess but not by spec.hostNetwork.

func hostNetwork(config *runtime.PodSandboxConfig) bool {
	var hostNet bool
	switch goruntime.GOOS {
	case "windows":
		// Windows HostProcess pods can only run on the host network
		hostNet = config.GetWindows().GetSecurityContext().GetHostProcess()
	case "darwin":
		// No CNI on Darwin yet.
		hostNet = true
	default:
		// Even on other platforms, the logic containerd uses is to check if NamespaceMode == NODE.
		// So this handles Linux, as well as any other platforms not governed by the cases above
		// that have special quirks.
		hostNet = config.GetLinux().GetSecurityContext().GetNamespaceOptions().GetNetwork() == runtime.NamespaceMode_NODE
	}
	return hostNet
}

To Reproduce

Create a Pod on Windows configuring spec.hostNetwork: true and spec.securityContext.windowsOptions.hostProcess: fase on Windows, it is supposed to observe that antrea-agent CNI server should receive the CmdAdd request.
Then restart antrea-agent, the Pod is supposed to filter-out in the reconciling Pod list.

Expected

antrea-agent should reconcile such Pod after restart, since its CmdAdd request is handled by antrea (CNI).

Actual behavior

Such Pod is not reconciled after restart.

Versions:

All Antrea versions.

Additional context