diff -urNp ref/Documentation/Configure.help 2.4.20pre5aa2/Documentation/Configure.help
--- ref/Documentation/Configure.help	Fri Sep  6 01:19:24 2002
+++ 2.4.20pre5aa2/Documentation/Configure.help	Fri Sep  6 01:19:27 2002
@@ -12540,6 +12540,20 @@ CONFIG_ISP16_CDI
   The module will be called isp16.o. If you want to compile it as a
   module, say M here and read <file:Documentation/modules.txt>.
 
+Posix Access Control Lists
+CONFIG_FS_POSIX_ACL
+  Posix Access Control Lists (ACLs) support permissions for users and
+  groups beyond the owner/group/world scheme.
+
+  To learn more about Access Control Lists, visit the Posix ACLs for
+  Linux website <http://acl.bestbits.at/>.
+
+  If you plan to use Access Control Lists, you may also need the
+  getfacl and setfacl utilities, along with some additional patches
+  from the website.
+
+  If you don't know what Access Control Lists are, say N.
+
 iSeries Virtual I/O CD Support
 CONFIG_VIOCD
   If you are running Linux on an IBM iSeries system and you want to
diff -urNp ref/fs/namei.c 2.4.20pre5aa2/fs/namei.c
--- ref/fs/namei.c	Fri Sep  6 01:19:22 2002
+++ 2.4.20pre5aa2/fs/namei.c	Fri Sep  6 01:19:57 2002
@@ -1058,8 +1058,9 @@ do_last:
 
 	/* Negative dentry, just create the file */
 	if (!dentry->d_inode) {
-		error = vfs_create(dir->d_inode, dentry,
-				   mode & ~current->fs->umask);
+		if (!IS_POSIXACL(dir->d_inode))
+			mode &= ~current->fs->umask;
+		error = vfs_create(dir->d_inode, dentry, mode);
 		up(&dir->d_inode->i_sem);
 #ifndef DENTRY_WASTE_RAM
 		if (error)
@@ -1294,7 +1295,8 @@ asmlinkage long sys_mknod(const char * f
 	dentry = lookup_create(&nd, 0);
 	error = PTR_ERR(dentry);
 
-	mode &= ~current->fs->umask;
+	if (!IS_POSIXACL(nd.dentry->d_inode))
+		mode &= ~current->fs->umask;
 	if (!IS_ERR(dentry)) {
 		switch (mode & S_IFMT) {
 		case 0: case S_IFREG:
@@ -1362,8 +1364,9 @@ asmlinkage long sys_mkdir(const char * p
 		dentry = lookup_create(&nd, 1);
 		error = PTR_ERR(dentry);
 		if (!IS_ERR(dentry)) {
-			error = vfs_mkdir(nd.dentry->d_inode, dentry,
-					  mode & ~current->fs->umask);
+			if (!IS_POSIXACL(nd.dentry->d_inode))
+				mode &= ~current->fs->umask;
+			error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
 			dput(dentry);
 		}
 		up(&nd.dentry->d_inode->i_sem);
diff -urNp ref/include/linux/fs.h 2.4.20pre5aa2/include/linux/fs.h
--- ref/include/linux/fs.h	Fri Sep  6 01:19:23 2002
+++ 2.4.20pre5aa2/include/linux/fs.h	Fri Sep  6 01:19:27 2002
@@ -111,6 +111,7 @@ extern int leases_enable, dir_notify_ena
 #define MS_MOVE		8192
 #define MS_REC		16384
 #define MS_VERBOSE	32768
+#define MS_POSIXACL	65536	/* VFS does not apply the umask */
 #define MS_ACTIVE	(1<<30)
 #define MS_NOUSER	(1<<31)
 
@@ -161,6 +162,7 @@ extern int leases_enable, dir_notify_ena
 #define IS_IMMUTABLE(inode)	((inode)->i_flags & S_IMMUTABLE)
 #define IS_NOATIME(inode)	(__IS_FLG(inode, MS_NOATIME) || ((inode)->i_flags & S_NOATIME))
 #define IS_NODIRATIME(inode)	__IS_FLG(inode, MS_NODIRATIME)
+#define IS_POSIXACL(inode)	__IS_FLG(inode, MS_POSIXACL)
 
 #define IS_DEADDIR(inode)	((inode)->i_flags & S_DEAD)
 
diff -urNp ref/include/linux/posix_acl_xattr.h 2.4.20pre5aa2/include/linux/posix_acl_xattr.h
--- ref/include/linux/posix_acl_xattr.h	Thu Jan  1 01:00:00 1970
+++ 2.4.20pre5aa2/include/linux/posix_acl_xattr.h	Fri Sep  6 01:19:27 2002
@@ -0,0 +1,66 @@
+/*
+  File: linux/posix_acl_xattr.h
+
+  Extended attribute system call representation of Access Control Lists.
+
+  Copyright (C) 2000 by Andreas Gruenbacher <a.gruenbacher@computer.org>
+ */
+#ifndef _POSIX_ACL_XATTR_H
+#define _POSIX_ACL_XATTR_H
+
+/* Extended attribute names */
+#define POSIX_ACL_XATTR_ACCESS	"system.posix_acl_access"
+#define POSIX_ACL_XATTR_DEFAULT	"system.posix_acl_default"
+
+/* Supported ACL a_version fields */
+#define POSIX_ACL_XATTR_VERSION	0x0002
+
+
+/* An undefined entry e_id value */
+#define ACL_UNDEFINED_ID	(-1)
+
+/* ACL entry e_tag field values */
+#define ACL_USER_OBJ		(0x01)
+#define ACL_USER		(0x02)
+#define ACL_GROUP_OBJ		(0x04)
+#define ACL_GROUP		(0x08)
+#define ACL_MASK		(0x10)
+#define ACL_OTHER		(0x20)
+
+/* ACL entry e_perm bitfield values */
+#define ACL_READ		(0x04)
+#define ACL_WRITE		(0x02)
+#define ACL_EXECUTE		(0x01)
+
+
+typedef struct {
+	__u16			e_tag;
+	__u16			e_perm;
+	__u32			e_id;
+} posix_acl_xattr_entry;
+
+typedef struct {
+	__u32			a_version;
+	posix_acl_xattr_entry	a_entries[0];
+} posix_acl_xattr_header;
+
+
+static inline size_t
+posix_acl_xattr_size(int count)
+{
+	return (sizeof(posix_acl_xattr_header) +
+		(count * sizeof(posix_acl_xattr_entry)));
+}
+
+static inline int
+posix_acl_xattr_count(size_t size)
+{
+	if (size < sizeof(posix_acl_xattr_header))
+		return -1;
+	size -= sizeof(posix_acl_xattr_header);
+	if (size % sizeof(posix_acl_xattr_entry))
+		return -1;
+	return size / sizeof(posix_acl_xattr_entry);
+}
+
+#endif	/* _POSIX_ACL_XATTR_H */