--- zzzz-none-000/linux-4.1.52/arch/arm/kernel/head.S	2018-05-28 02:26:45.000000000 +0000
+++ bcm63-7530ax-731/linux-4.1.52/arch/arm/kernel/head.S	2022-03-02 11:37:12.000000000 +0000
@@ -78,9 +78,14 @@
 
 	__HEAD
 ENTRY(stext)
+ENTRY(kernel_entry)
  ARM_BE8(setend	be )			@ ensure we are in BE8 mode
 
+#if defined(CONFIG_BCM_KF_SPECTRE_PATCH) && defined(CONFIG_BCM_SPECTRE_PATCH_ENABLE)
+ THUMB(	badr	r9, 1f		)	@ Kernel is always entered in ARM.
+#else
  THUMB(	adr	r9, BSYM(1f)	)	@ Kernel is always entered in ARM.
+#endif
  THUMB(	bx	r9		)	@ If this is a Thumb-2 kernel,
  THUMB(	.thumb			)	@ switch to Thumb now.
  THUMB(1:			)
@@ -136,7 +141,11 @@
 	 */
 	ldr	r13, =__mmap_switched		@ address to jump to after
 						@ mmu has been enabled
+#if defined(CONFIG_BCM_KF_SPECTRE_PATCH) && defined(CONFIG_BCM_SPECTRE_PATCH_ENABLE)
+	badr	lr, 1f				@ return (PIC) address
+#else
 	adr	lr, BSYM(1f)			@ return (PIC) address
+#endif
 	mov	r8, r4				@ set TTBR1 to swapper_pg_dir
 	ldr	r12, [r10, #PROCINFO_INITFUNC]
 	add	r12, r12, r10
@@ -348,7 +357,11 @@
 	.text
 ENTRY(secondary_startup_arm)
 	.arm
+#if defined(CONFIG_BCM_KF_SPECTRE_PATCH) && defined(CONFIG_BCM_SPECTRE_PATCH_ENABLE)
+ THUMB(	badr	r9, 1f		)	@ Kernel is entered in ARM.
+#else
  THUMB(	adr	r9, BSYM(1f)	)	@ Kernel is entered in ARM.
+#endif
  THUMB(	bx	r9		)	@ If this is a Thumb-2 kernel,
  THUMB(	.thumb			)	@ switch to Thumb now.
  THUMB(1:			)
@@ -384,7 +397,11 @@
 	ldr	r4, [r7, lr]			@ get secondary_data.pgdir
 	add	r7, r7, #4
 	ldr	r8, [r7, lr]			@ get secondary_data.swapper_pg_dir
+#if defined(CONFIG_BCM_KF_SPECTRE_PATCH) && defined(CONFIG_BCM_SPECTRE_PATCH_ENABLE)
+	badr	lr, __enable_mmu		@ return address
+#else
 	adr	lr, BSYM(__enable_mmu)		@ return address
+#endif
 	mov	r13, r12			@ __secondary_switched address
 	ldr	r12, [r10, #PROCINFO_INITFUNC]
 	add	r12, r12, r10			@ initialise processor