new helper: security_sb_eat_lsm_opts()

static int parse_security_options(char *orig_opts,

				  struct security_mnt_opts *sec_opts)

{

	char *secdata = NULL;

	int ret = 0;

	secdata = alloc_secdata();

	if (!secdata)

		return -ENOMEM;

	ret = security_sb_copy_data(orig_opts, secdata);

	if (ret) {

		free_secdata(secdata);

		return ret;

	}

	ret = security_sb_parse_opts_str(secdata, sec_opts);

	free_secdata(secdata);

	return ret;

	return security_sb_eat_lsm_opts(orig_opts, sec_opts);

}

static int setup_security_options(struct btrfs_fs_info *fs_info,

	security_init_mnt_opts(&opts);

	if (data && !(sb->s_type->fs_flags & FS_BINARY_MOUNTDATA)) {

		char *secdata = alloc_secdata();

		if (!secdata)

			return -ENOMEM;

		err = security_sb_copy_data(data, secdata);

		if (err) {

			free_secdata(secdata);

			return err;

		}

		err = security_sb_parse_opts_str(secdata, &opts);

		free_secdata(secdata);

		err = security_sb_eat_lsm_opts(data, &opts);

		if (err)

			return err;

	}

static int nfs_parse_mount_options(char *raw,

				   struct nfs_parsed_mount_data *mnt)

{

	char *p, *string, *secdata;

	char *p, *string;

	int rc, sloppy = 0, invalid_option = 0;

	unsigned short protofamily = AF_UNSPEC;

	unsigned short mountfamily = AF_UNSPEC;

	}

	dfprintk(MOUNT, "NFS: nfs mount opts='%s'\n", raw);

	secdata = alloc_secdata();

	if (!secdata)

		goto out_nomem;

	rc = security_sb_copy_data(raw, secdata);

	if (rc)

		goto out_security_failure;

	rc = security_sb_parse_opts_str(secdata, &mnt->lsm_opts);

	rc = security_sb_eat_lsm_opts(raw, &mnt->lsm_opts);

	if (rc)

		goto out_security_failure;

	free_secdata(secdata);

	while ((p = strsep(&raw, ",")) != NULL) {

		substring_t args[MAX_OPT_ARGS];

		unsigned long option;

	printk(KERN_INFO "NFS: not enough memory to parse option\n");

	return 0;

out_security_failure:

	free_secdata(secdata);

	printk(KERN_INFO "NFS: security options invalid: %d\n", rc);

	return 0;

}

	security_init_mnt_opts(&opts);

	if (data && !(type->fs_flags & FS_BINARY_MOUNTDATA)) {

		char *secdata = alloc_secdata();

		if (!secdata)

			return ERR_PTR(-ENOMEM);

		error = security_sb_copy_data(data, secdata);

		if (error) {

			free_secdata(secdata);

			return ERR_PTR(error);

		}

		error = security_sb_parse_opts_str(secdata, &opts);

		free_secdata(secdata);

		error = security_sb_eat_lsm_opts(data, &opts);

		if (error)

			return ERR_PTR(error);

	}

void security_bprm_committed_creds(struct linux_binprm *bprm);

int security_sb_alloc(struct super_block *sb);

void security_sb_free(struct super_block *sb);

int security_sb_copy_data(char *orig, char *copy);

int security_sb_eat_lsm_opts(char *options, struct security_mnt_opts *opts);

int security_sb_remount(struct super_block *sb, struct security_mnt_opts *opts);

int security_sb_kern_mount(struct super_block *sb, int flags,

			   struct security_mnt_opts *opts);

static inline void security_sb_free(struct super_block *sb)

{ }

static inline int security_sb_copy_data(char *orig, char *copy)

static inline int security_sb_eat_lsm_opts(char *options,

					   struct security_mnt_opts *opts)

{

	return 0;

}

#endif /* CONFIG_SECURITY */

#endif /* CONFIG_BPF_SYSCALL */

#ifdef CONFIG_SECURITY

static inline char *alloc_secdata(void)

{

	return (char *)get_zeroed_page(GFP_KERNEL);

}

static inline void free_secdata(void *secdata)

{

	free_page((unsigned long)secdata);

}

#else

static inline char *alloc_secdata(void)

{

        return (char *)1;

}

static inline void free_secdata(void *secdata)

{ }

#endif /* CONFIG_SECURITY */

#endif /* ! __LINUX_SECURITY_H */