Index: include/secure/Makefile
===================================================================
--- include/secure/Makefile
+++ include/secure/Makefile
@@ -1,6 +1,6 @@
 # $FreeBSD$
 
-INCS= security.h _poll.h _socket.h
+INCS= security.h _poll.h _socket.h _stat.h
 INCSDIR= ${INCLUDEDIR}/secure
 
 .include <bsd.prog.mk>
Index: include/secure/_stat.h
===================================================================
--- /dev/null
+++ include/secure/_stat.h
@@ -0,0 +1,70 @@
+/*-
+ * Copyright (C) 2008 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *  * Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _SYS_STAT_H_
+#error "You should not use <secure/_stat.h> directly; include <sys/stat.h> instead."
+#endif
+
+#ifndef _SECURE_STAT_H_
+#define	_SECURE_STAT_H_
+
+#include <secure/security.h>
+
+__BEGIN_DECLS
+
+extern mode_t __umask_chk(mode_t);
+#ifndef __FORTIFY_UMASK_REAL
+#define	__FORTIFY_UMASK_REAL	1
+extern mode_t __umask_real(mode_t) __RENAME(umask);
+#endif
+__errordecl(__umask_invalid_mode, "umask called with invalid mode");
+
+#ifdef __BSD_FORTIFY
+
+__FORTIFY_INLINE mode_t
+umask(mode_t _mode)
+{
+#ifndef __clang__
+	if (__builtin_constant_p(_mode)) {
+		if ((_mode & 0777) != _mode)
+			__umask_invalid_mode();
+
+		return (__umask_real(_mode));
+	}
+#endif
+	return (__umask_chk(_mode));
+}
+#endif /* defined(__BSD_FORTIFY) */
+
+__END_DECLS
+
+#endif /* !_SECURE_STAT_H_ */
Index: lib/libc/secure/Makefile.inc
===================================================================
--- lib/libc/secure/Makefile.inc
+++ lib/libc/secure/Makefile.inc
@@ -18,6 +18,7 @@
 # but live in .h files under sys/sys
 SRCS+=	\
 	__poll_chk.c \
-	__recvfrom_chk.c
+	__recvfrom_chk.c \
+	__umask_chk.c
 
 SYM_MAPS+=    ${LIBC_SRCTOP}/secure/Symbol.map
Index: lib/libc/secure/Symbol.map
===================================================================
--- lib/libc/secure/Symbol.map
+++ lib/libc/secure/Symbol.map
@@ -22,6 +22,7 @@
 	__poll_chk;
 	__ppoll_chk;
 	__recvfrom_chk;
+	__umask_chk;
 	__secure_fail;
 };
 
Index: lib/libc/secure/__umask_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__umask_chk.c
@@ -0,0 +1,53 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *  * Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdlib.h>
+#include "secure/_stat.h"
+
+/*
+ * Validate that umask is called with sane mode.
+ */
+mode_t 
+__umask_chk(mode_t mode)
+{
+
+	if (__predict_false((mode & 0777) != mode))
+		__fortify_chk_fail("umask: called with invalid mask");
+
+	return (umask(mode));
+}
Index: sys/sys/stat.h
===================================================================
--- sys/sys/stat.h
+++ sys/sys/stat.h
@@ -356,6 +356,11 @@
 int	mknodat(int, const char *, mode_t, dev_t);
 #endif
 __END_DECLS
+
+#ifdef __BSD_FORTIFY
+#include <secure/_stat.h>
+#endif
+
 #endif /* !_KERNEL */
 
 #endif /* !_SYS_STAT_H_ */