After Shadow's patch for
LU-2655 (see http://review.whamcloud.com/5135), in ldiskfs_write_ldd() if SELinux is enabled then the security context of the temporary mount point is appended to the mount options. Unfortunately this is done by appending the context to ldd_mount_opts and so it gets written into CONFIGS/mountdata.
Then when the device is mounted as lustre mount.lustre tries to clear the LDD_F_UPDATE flag from CONFIGS/mountdata, so we call ldiskfs_write_ldd() again which appends the context to the new temporary directory to ldd_mount_opts and uses the result as the options to mount the target as ldiskfs. This fails since the context option can only be specified once.
mount.lustre does succeed but the LDD_F_UPDATE flag is never cleared.