@@ -63,7 +63,7 @@ require (

 	github.com/miekg/dns v1.1.61

 	github.com/mistifyio/go-zfs/v3 v3.0.1

 	github.com/mitchellh/copystructure v1.2.0

-	github.com/moby/buildkit v0.20.0-rc2

+	github.com/moby/buildkit v0.20.0-rc3

 	github.com/moby/docker-image-spec v1.3.1

 	github.com/moby/ipvs v1.1.0

 	github.com/moby/locker v1.0.1

@@ -383,8 +383,8 @@ github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:F

 github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=

 github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=

 github.com/mndrix/tap-go v0.0.0-20171203230836-629fa407e90b/go.mod h1:pzzDgJWZ34fGzaAZGFW22KVZDfyrYW+QABMrWnJBnSs=

-github.com/moby/buildkit v0.20.0-rc2 h1:QjACghvG0pSAp7dk9aQMYWioDEOljDWyyoUjyg35qfg=

-github.com/moby/buildkit v0.20.0-rc2/go.mod h1:kMXf90l/f3zygRK8bYbyetfyzoJYntb6Bpi2VsLfXgQ=

+github.com/moby/buildkit v0.20.0-rc3 h1:iExrfuZZuFgFudeNJhXfp/5vzJWTNrlqZ/LYJk4dG2Q=

+github.com/moby/buildkit v0.20.0-rc3/go.mod h1:kMXf90l/f3zygRK8bYbyetfyzoJYntb6Bpi2VsLfXgQ=

 github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=

 github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=

 github.com/moby/ipvs v1.1.0 h1:ONN4pGaZQgAx+1Scz5RvWV4Q7Gb+mvfRh3NsPS+1XQQ=

@@ -63,10 +63,6 @@ func getConfig(attrs map[string]string) (*Config, error) {

 	if !ok {

 		scope = "buildkit"

 	}

-	url, ok := attrs[attrURL]

-	if !ok {

-		return nil, errors.Errorf("url not set for github actions cache")

-	}

 	token, ok := attrs[attrToken]

 	if !ok {

 		return nil, errors.Errorf("token not set for github actions cache")

@@ -80,12 +76,19 @@ func getConfig(attrs map[string]string) (*Config, error) {

 		}

 		apiVersionInt = int(i)

 	}

+	var url string

 	if apiVersionInt != 1 {

 		if v, ok := attrs[attrURLV2]; ok {

 			url = v

 			apiVersionInt = 2

 		}

 	}

+	if v, ok := attrs[attrURL]; ok && url == "" {

+		url = v

+	}

+	if url == "" {

+		return nil, errors.Errorf("url not set for github actions cache")

+	}

 	// best effort on old clients

 	if apiVersionInt == 0 {

 		if strings.Contains(url, "results-receiver.actions.githubusercontent.com") {

@@ -7,6 +7,7 @@ import (

 	"io"

 	"maps"

 	"os"

+	"slices"

 	"strings"

 	"time"

@@ -24,7 +25,6 @@ import (

 	"github.com/moby/buildkit/solver/pb"

 	spb "github.com/moby/buildkit/sourcepolicy/pb"

 	"github.com/moby/buildkit/util/bklog"

-	"github.com/moby/buildkit/util/entitlements"

 	ocispecs "github.com/opencontainers/image-spec/specs-go/v1"

 	"github.com/pkg/errors"

 	"github.com/tonistiigi/fsutil"

@@ -45,7 +45,7 @@ type SolveOpt struct {

 	CacheExports          []CacheOptionsEntry

 	CacheImports          []CacheOptionsEntry

 	Session               []session.Attachable

-	AllowedEntitlements   []entitlements.Entitlement

+	AllowedEntitlements   []string

 	SharedSession         *session.Session // TODO: refactor to better session syncing

 	SessionPreInitialized bool             // TODO: refactor to better session syncing

 	Internal              bool

@@ -277,7 +277,7 @@ func (c *Client) solve(ctx context.Context, def *llb.Definition, runGateway runG

 			FrontendAttrs:           frontendAttrs,

 			FrontendInputs:          frontendInputs,

 			Cache:                   &cacheOpt.options,

-			Entitlements:            entitlementsToPB(opt.AllowedEntitlements),

+			Entitlements:            slices.Clone(opt.AllowedEntitlements),

 			Internal:                opt.Internal,

 			SourcePolicy:            opt.SourcePolicy,

 		})

@@ -553,11 +553,3 @@ func prepareMounts(opt *SolveOpt) (map[string]fsutil.FS, error) {

 	}

 	return mounts, nil

 }

-

-func entitlementsToPB(entitlements []entitlements.Entitlement) []string {

-	clone := make([]string, len(entitlements))

-	for i, e := range entitlements {

-		clone[i] = string(e)

-	}

-	return clone

-}

@@ -77,8 +77,9 @@ type OTELConfig struct {

 }

 type CDIConfig struct {

-	Disabled *bool    `toml:"disabled"`

-	SpecDirs []string `toml:"specDirs"`

+	Disabled    *bool    `toml:"disabled"`

+	SpecDirs    []string `toml:"specDirs"`

+	AutoAllowed []string `toml:"autoAllowed"`

 }

 type GCConfig struct {

@@ -695,7 +695,7 @@ func toPBCDIDevices(manager *cdidevices.Manager) []*apitypes.CDIDevice {

 	for _, dev := range devs {

 		out = append(out, &apitypes.CDIDevice{

 			Name:        dev.Name,

-			AutoAllow:   true, // TODO

+			AutoAllow:   dev.AutoAllow,

 			Annotations: dev.Annotations,

 			OnDemand:    dev.OnDemand,

 		})

@@ -138,7 +138,7 @@ func (b *llbBridge) loadResult(ctx context.Context, def *pb.Definition, cacheImp

 	}

 	dpc := &detectPrunedCacheID{}

-	edge, err := Load(ctx, def, polEngine, dpc.Load, ValidateEntitlements(ent), WithCacheSources(cms), NormalizeRuntimePlatforms(), WithValidateCaps())

+	edge, err := Load(ctx, def, polEngine, dpc.Load, ValidateEntitlements(ent, w.CDIManager()), WithCacheSources(cms), NormalizeRuntimePlatforms(), WithValidateCaps())

 	if err != nil {

 		return nil, errors.Wrap(err, "failed to load LLB")

 	}

@@ -2,6 +2,7 @@ package cdidevices

 import (

 	"context"

+	"strconv"

 	"strings"

 	"github.com/moby/buildkit/solver/pb"

@@ -13,7 +14,10 @@ import (

 	"tags.cncf.io/container-device-interface/pkg/parser"

 )

-const deviceAnnotationClass = "org.mobyproject.buildkit.device.class"

+const (

+	deviceAnnotationClass     = "org.mobyproject.buildkit.device.class"

+	deviceAnnotationAutoAllow = "org.mobyproject.buildkit.device.autoallow"

+)

 var installers = map[string]Setup{}

@@ -35,17 +39,38 @@ type Device struct {

 }

 type Manager struct {

-	cache  *cdi.Cache

-	locker *locker.Locker

+	cache       *cdi.Cache

+	locker      *locker.Locker

+	autoAllowed map[string]struct{}

 }

-func NewManager(cache *cdi.Cache) *Manager {

+func NewManager(cache *cdi.Cache, autoAllowed []string) *Manager {

+	m := make(map[string]struct{})

+	for _, d := range autoAllowed {

+		m[d] = struct{}{}

+	}

 	return &Manager{

-		cache:  cache,

-		locker: locker.New(),

+		cache:       cache,

+		locker:      locker.New(),

+		autoAllowed: m,

 	}

 }

+func (m *Manager) isAutoAllowed(kind, name string, annotations map[string]string) bool {

+	if _, ok := m.autoAllowed[name]; ok {

+		return true

+	}

+	if _, ok := m.autoAllowed[kind]; ok {

+		return true

+	}

+	if v, ok := annotations[deviceAnnotationAutoAllow]; ok {

+		if b, err := strconv.ParseBool(v); err == nil && b {

+			return true

+		}

+	}

+	return false

+}

+

 func (m *Manager) ListDevices() []Device {

 	devs := m.cache.ListDevices()

 	out := make([]Device, 0, len(devs))

@@ -53,10 +78,11 @@ func (m *Manager) ListDevices() []Device {

 	for _, dev := range devs {

 		kind, _, _ := strings.Cut(dev, "=")

 		dd := m.cache.GetDevice(dev)

+		annotations := deviceAnnotations(dd)

 		out = append(out, Device{

 			Name:        dev,

-			AutoAllow:   true, // TODO

-			Annotations: deviceAnnotations(dd),

+			AutoAllow:   m.isAutoAllowed(kind, dev, annotations),

+			Annotations: annotations,

 		})

 		kinds[kind] = struct{}{}

 	}

@@ -69,20 +95,31 @@ func (m *Manager) ListDevices() []Device {

 			continue

 		}

 		out = append(out, Device{

-			Name:     k,

-			OnDemand: true,

+			Name:      k,

+			OnDemand:  true,

+			AutoAllow: true,

 		})

 	}

 	return out

 }

+func (m *Manager) GetDevice(name string) Device {

+	kind, _, _ := strings.Cut(name, "=")

+	annotations := deviceAnnotations(m.cache.GetDevice(name))

+	return Device{

+		Name:        name,

+		AutoAllow:   m.isAutoAllowed(kind, name, annotations),

+		Annotations: annotations,

+	}

+}

+

 func (m *Manager) Refresh() error {

 	return m.cache.Refresh()

 }

 func (m *Manager) InjectDevices(spec *specs.Spec, devs ...*pb.CDIDevice) error {

-	pdevs, err := m.parseDevices(devs...)

+	pdevs, err := m.FindDevices(devs...)

 	if err != nil {

 		return err

 	} else if len(pdevs) == 0 {

@@ -93,13 +130,17 @@ func (m *Manager) InjectDevices(spec *specs.Spec, devs ...*pb.CDIDevice) error {

 	return err

 }

-func (m *Manager) parseDevices(devs ...*pb.CDIDevice) ([]string, error) {

+func (m *Manager) FindDevices(devs ...*pb.CDIDevice) ([]string, error) {

 	var out []string

+	if len(devs) == 0 {

+		return out, nil

+	}

+	list := m.cache.ListDevices()

 	for _, dev := range devs {

 		if dev == nil {

 			continue

 		}

-		pdev, err := m.parseDevice(dev)

+		pdev, err := m.parseDevice(dev, list)

 		if err != nil {

 			return nil, err

 		} else if len(pdev) == 0 {

@@ -110,7 +151,7 @@ func (m *Manager) parseDevices(devs ...*pb.CDIDevice) ([]string, error) {

 	return dedupSlice(out), nil

 }

-func (m *Manager) parseDevice(dev *pb.CDIDevice) ([]string, error) {

+func (m *Manager) parseDevice(dev *pb.CDIDevice, all []string) ([]string, error) {

 	var out []string

 	kind, name, _ := strings.Cut(dev.Name, "=")

@@ -127,7 +168,7 @@ func (m *Manager) parseDevice(dev *pb.CDIDevice) ([]string, error) {

 	switch name {

 	case "":

 		// first device of kind if no name is specified

-		for _, d := range m.cache.ListDevices() {

+		for _, d := range all {

 			if strings.HasPrefix(d, kind+"=") {

 				out = append(out, d)

 				break

@@ -135,14 +176,14 @@ func (m *Manager) parseDevice(dev *pb.CDIDevice) ([]string, error) {

 		}

 	case "*":

 		// all devices of kind if the name is a wildcard

-		for _, d := range m.cache.ListDevices() {

+		for _, d := range all {

 			if strings.HasPrefix(d, kind+"=") {

 				out = append(out, d)

 			}

 		}

 	default:

 		// the specified device

-		for _, d := range m.cache.ListDevices() {

+		for _, d := range all {

 			if d == dev.Name {

 				out = append(out, d)

 				break

@@ -150,7 +191,7 @@ func (m *Manager) parseDevice(dev *pb.CDIDevice) ([]string, error) {

 		}

 		if len(out) == 0 {

 			// check class annotation if name unknown

-			for _, d := range m.cache.ListDevices() {

+			for _, d := range all {

 				if !strings.HasPrefix(d, kind+"=") {

 					continue

 				}

@@ -214,6 +255,9 @@ func (m *Manager) OnDemandInstaller(name string) (func(context.Context) error, b

 			return errors.Wrapf(err, "failed to refresh CDI cache")

 		}

+		// TODO: this needs to be set as annotation to survive reboot

+		m.autoAllowed[name] = struct{}{}

+

 		return nil

 	}, true

 }

@@ -1110,19 +1110,26 @@ func supportedEntitlements(ents []string) []entitlements.Entitlement {

 		if e == string(entitlements.EntitlementSecurityInsecure) {

 			out = append(out, entitlements.EntitlementSecurityInsecure)

 		}

+		if e == string(entitlements.EntitlementDevice) {

+			out = append(out, entitlements.EntitlementDevice)

+		}

 	}

 	return out

 }

 func loadEntitlements(b solver.Builder) (entitlements.Set, error) {

-	var ent entitlements.Set = map[entitlements.Entitlement]struct{}{}

+	var ent entitlements.Set = map[entitlements.Entitlement]entitlements.EntitlementsConfig{}

 	err := b.EachValue(context.TODO(), keyEntitlements, func(v interface{}) error {

 		set, ok := v.(entitlements.Set)

 		if !ok {

 			return errors.Errorf("invalid entitlements %T", v)

 		}

-		for k := range set {

-			ent[k] = struct{}{}

+		for k, v := range set {

+			if prev, ok := ent[k]; ok && prev != nil {

+				prev.Merge(v)

+			} else {

+				ent[k] = v

+			}

 		}

 		return nil

 	})

@@ -7,6 +7,7 @@ import (

 	"github.com/containerd/platforms"

 	"github.com/moby/buildkit/solver"

+	"github.com/moby/buildkit/solver/llbsolver/cdidevices"

 	"github.com/moby/buildkit/solver/llbsolver/ops/opsutils"

 	"github.com/moby/buildkit/solver/pb"

 	"github.com/moby/buildkit/util/apicaps"

@@ -109,7 +110,7 @@ func NormalizeRuntimePlatforms() LoadOpt {

 	}

 }

-func ValidateEntitlements(ent entitlements.Set) LoadOpt {

+func ValidateEntitlements(ent entitlements.Set, cdiManager *cdidevices.Manager) LoadOpt {

 	return func(op *pb.Op, _ *pb.OpMetadata, opt *solver.VertexOptions) error {

 		switch op := op.Op.(type) {

 		case *pb.Op_Exec:

@@ -120,6 +121,75 @@ func ValidateEntitlements(ent entitlements.Set) LoadOpt {

 			if err := ent.Check(v); err != nil {

 				return err

 			}

+			if device := op.Exec.CdiDevices; len(device) > 0 {

+				var cfg *entitlements.DevicesConfig

+				if ent, ok := ent[entitlements.EntitlementDevice]; ok {

+					cfg, ok = ent.(*entitlements.DevicesConfig)

+					if !ok {

+						return errors.Errorf("invalid device entitlement config %T", ent)

+					}

+				}

+				if cfg != nil && cfg.All {

+					return nil

+				}

+

+				var allowedDevices []*pb.CDIDevice

+				var nonAliasedDevices []*pb.CDIDevice

+				if cfg != nil {

+					for _, d := range op.Exec.CdiDevices {

+						if newName, ok := cfg.Devices[d.Name]; ok && newName != "" {

+							d.Name = newName

+							allowedDevices = append(allowedDevices, d)

+						} else {

+							nonAliasedDevices = append(nonAliasedDevices, d)

+						}

+					}

+				} else {

+					nonAliasedDevices = op.Exec.CdiDevices

+				}

+

+				mountedDevices, err := cdiManager.FindDevices(nonAliasedDevices...)

+				if err != nil {

+					return err

+				}

+				if len(mountedDevices) == 0 {

+					op.Exec.CdiDevices = allowedDevices

+					return nil

+				}

+

+				grantedDevices := make(map[string]struct{})

+				if cfg != nil {

+					for d := range cfg.Devices {

+						resolved, err := cdiManager.FindDevices(&pb.CDIDevice{Name: d})

+						if err != nil {

+							return err

+						}

+						for _, r := range resolved {

+							grantedDevices[r] = struct{}{}

+						}

+					}

+				}

+

+				var forbidden []string

+				for _, d := range mountedDevices {

+					if _, ok := grantedDevices[d]; !ok {

+						if dev := cdiManager.GetDevice(d); !dev.AutoAllow {

+							forbidden = append(forbidden, d)

+							continue

+						}

+					}

+					allowedDevices = append(allowedDevices, &pb.CDIDevice{Name: d})

+				}

+

+				if len(forbidden) > 0 {

+					if len(forbidden) == 1 {

+						return errors.Errorf("device %s is requested by the build but not allowed", forbidden[0])

+					}

+					return errors.Errorf("devices %s are requested by the build but not allowed", strings.Join(forbidden, ", "))

+				}

+

+				op.Exec.CdiDevices = allowedDevices

+			}

 		}

 		return nil

 	}

@@ -1,31 +1,119 @@

 package entitlements

 import (

+	"strings"

+

 	"github.com/pkg/errors"

+	"github.com/tonistiigi/go-csvvalue"

 )

 type Entitlement string

+func (e Entitlement) String() string {

+	return string(e)

+}

+

 const (

 	EntitlementSecurityInsecure Entitlement = "security.insecure"

 	EntitlementNetworkHost      Entitlement = "network.host"

+	EntitlementDevice           Entitlement = "device"

 )

 var all = map[Entitlement]struct{}{

 	EntitlementSecurityInsecure: {},

 	EntitlementNetworkHost:      {},

+	EntitlementDevice:           {},

+}

+

+type EntitlementsConfig interface {

+	Merge(EntitlementsConfig) error

 }

-func Parse(s string) (Entitlement, error) {

+type DevicesConfig struct {

+	Devices map[string]string

+	All     bool

+}

+

+var _ EntitlementsConfig = &DevicesConfig{}

+

+func ParseDevicesConfig(s string) (*DevicesConfig, error) {

+	if s == "" {

+		return &DevicesConfig{All: true}, nil

+	}

+

+	fields, err := csvvalue.Fields(s, nil)

+	if err != nil {

+		return nil, err

+	}

+	deviceName := fields[0]

+	var deviceAlias string

+

+	for _, field := range fields[1:] {

+		k, v, ok := strings.Cut(field, "=")

+		if !ok {

+			return nil, errors.Errorf("invalid device config %q", field)

+		}

+		switch k {

+		case "alias":

+			deviceAlias = v

+		default:

+			return nil, errors.Errorf("unknown device config key %q", k)

+		}

+	}

+

+	cfg := &DevicesConfig{Devices: map[string]string{}}

+

+	if deviceAlias != "" {

+		cfg.Devices[deviceAlias] = deviceName

+	} else {

+		cfg.Devices[deviceName] = ""

+	}

+	return cfg, nil

+}

+

+func (c *DevicesConfig) Merge(in EntitlementsConfig) error {

+	c2, ok := in.(*DevicesConfig)

+	if !ok {

+		return errors.Errorf("cannot merge %T into %T", in, c)

+	}

+

+	if c2.All {

+		c.All = true

+		return nil

+	}

+

+	for k, v := range c2.Devices {

+		if c.Devices == nil {

+			c.Devices = map[string]string{}

+		}

+		c.Devices[k] = v

+	}

+	return nil

+}

+

+func Parse(s string) (Entitlement, EntitlementsConfig, error) {

+	var cfg EntitlementsConfig

+	key, rest, _ := strings.Cut(s, "=")

+	switch Entitlement(key) {

+	case EntitlementDevice:

+		s = key

+		var err error

+		cfg, err = ParseDevicesConfig(rest)

+		if err != nil {

+			return "", nil, err

+		}

+	default:

+	}

+

 	_, ok := all[Entitlement(s)]

 	if !ok {

-		return "", errors.Errorf("unknown entitlement %s", s)

+		return "", nil, errors.Errorf("unknown entitlement %s", s)

 	}

-	return Entitlement(s), nil

+	return Entitlement(s), cfg, nil

 }

 func WhiteList(allowed, supported []Entitlement) (Set, error) {

-	m := map[Entitlement]struct{}{}

+	m := map[Entitlement]EntitlementsConfig{}

 	var supm Set

 	if supported != nil {

@@ -37,7 +125,7 @@ func WhiteList(allowed, supported []Entitlement) (Set, error) {

 	}

 	for _, e := range allowed {

-		e, err := Parse(string(e))

+		e, cfg, err := Parse(string(e))

 		if err != nil {

 			return nil, err

 		}

@@ -46,13 +134,19 @@ func WhiteList(allowed, supported []Entitlement) (Set, error) {

 				return nil, errors.Errorf("granting entitlement %s is not allowed by build daemon configuration", e)

 			}

 		}

-		m[e] = struct{}{}

+		if prev, ok := m[e]; ok && prev != nil {

+			if err := prev.Merge(cfg); err != nil {

+				return nil, err

+			}

+		} else {

+			m[e] = cfg

+		}

 	}

 	return Set(m), nil

 }

-type Set map[Entitlement]struct{}

+type Set map[Entitlement]EntitlementsConfig

 func (s Set) Allowed(e Entitlement) bool {

 	_, ok := s[e]

@@ -77,4 +171,5 @@ func (s Set) Check(v Values) error {

 type Values struct {

 	NetworkHost      bool

 	SecurityInsecure bool

+	Devices          map[string]struct{}

 }

@@ -755,7 +755,7 @@ github.com/mitchellh/hashstructure/v2

 # github.com/mitchellh/reflectwalk v1.0.2

 ## explicit

 github.com/mitchellh/reflectwalk

-# github.com/moby/buildkit v0.20.0-rc2

+# github.com/moby/buildkit v0.20.0-rc3

 ## explicit; go 1.22.0

 github.com/moby/buildkit/api/services/control

 github.com/moby/buildkit/api/types