Can't mount mounted block device inside a container: "is not a block device"

Question

I created a container with volume mount to /dev/xvda1:/dev/xvda1 but when I tried to mount it to a folder it doesn't work:

root@ubuntu:/# docker run -v /dev/xvda1:/dev/xvda1 --cap-add=SYS_ADMIN  --security-opt apparmor=unconfined --security-opt seccomp=unconfined --rm -it ubuntu bash
root@690798858fcf:/# mkdir /mnt0
root@690798858fcf:/# ls /dev
console  core  fd  full  mqueue  null  ptmx  pts  random  shm  stderr  stdin  stdout  tty  urandom  xvda1  zero
root@690798858fcf:/# mount /dev/xvda1 /mnt0
mount: /mnt0: /dev/xvda1 already mounted on /etc/resolv.conf.
root@690798858fcf:/# umount /dev/xvda1
root@690798858fcf:/# mount /dev/xvda1 /mnt0
mount: /mnt0: /dev/xvda1 is not a block device; try "-o loop".
root@690798858fcf:/# mount -o loop /dev/xvda1 /mnt0
mount: /mnt0: mount failed: Operation not permitted.

If I create it with --privileged flag it works:

root@ubuntu:/# docker run --privileged --cap-add=SYS_ADMIN  --security-opt apparmor=unconfined --security-opt seccomp=unconfined --rm -it ubuntu bash
root@aa36dd8be903:/# mkdir /mnt0
root@aa36dd8be903:/# mount /dev/xvda1 /mnt0
root@aa36dd8be903:/#

Why -v /dev/xvda1:/dev/xvda1 is not enough?

Info about my system:

# ubuntu image
root@ubuntu:/# uname -r
5.4.0-1034-aws

root@ubuntu:/# docker -v
Docker version 20.10.7, build f0df350  

Answer 1

My colleague found the solution.
Mount was incorrect use. I needed to use the --device switch:

docker run --device=/dev/xvda1 --cap-add=SYS_ADMIN  --security-opt apparmor=unconfined --security-opt seccomp=unconfined --rm -it ubuntu bash