diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 3acf4fd4e5a5397f4b6fa440ce46ee24bf7e6036..8ab0b1e16e5b82e4d88dbde4510a6837bb8a1067 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -200,7 +200,7 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
 	pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
 
 	tpm_buf_append_u32(&buf, 1);
-	tpm_buf_append_u16(&buf, TPM2_ALG_SHA1);
+	tpm_buf_append_u16(&buf, TPM2_ALG_SHA256);
 	tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN);
 	tpm_buf_append(&buf, (const unsigned char *)pcr_select,
 		       sizeof(pcr_select));
@@ -209,7 +209,7 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
 			res_buf ? "attempting to read a pcr value" : NULL);
 	if (rc == 0 && res_buf) {
 		out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE];
-		memcpy(res_buf, out->digest, SHA1_DIGEST_SIZE);
+		memcpy(res_buf, out->digest, SHA256_DIGEST_SIZE);
 	}
 
 	tpm_buf_destroy(&buf);
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index e60473b13a8d200ebc31f915b3e6c98e160caaa1..0ec55122363dcd04519b1de25c49692679b2826a 100644
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h
@@ -79,7 +79,7 @@ enum evm_ima_xattr_type {
 
 struct evm_ima_xattr_data {
 	u8 type;
-	u8 digest[SHA1_DIGEST_SIZE];
+	u8 digest[SHA256_DIGEST_SIZE];
 } __packed;
 
 #define IMA_MAX_DIGEST_SIZE	64