[PATCH v4 01/12] bpf: Update the bpf_prog_calc_tag to use SHA256

[KP Singh]

On Fri, Sep 19, 2025 at 4:19 AM Alexei Starovoitov
<alexei.starovoitov at gmail.com> wrote:
>
> On Sun, Sep 14, 2025 at 2:51 PM KP Singh <kpsingh at kernel.org> wrote:
> >
> >  int bpf_prog_calc_tag(struct bpf_prog *fp)
> >  {
> > -       size_t size = bpf_prog_insn_size(fp);
> > -       u8 digest[SHA1_DIGEST_SIZE];
> > +       u32 insn_size = bpf_prog_insn_size(fp);
> >         struct bpf_insn *dst;
> >         bool was_ld_map;
> > -       u32 i;
> > +       int i, ret = 0;
>
> I undid all of the above extra noise and removed unnecessary 'ret'
> while applying the first 7 patches.

diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index 1cda2589d4b3..9b64674df16b 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -39,6 +39,7 @@
 #include <linux/bpf_mem_alloc.h>
 #include <linux/memcontrol.h>
 #include <linux/execmem.h>
+#include <crypto/sha2.h>

 #include <asm/barrier.h>
 #include <linux/unaligned.h>
@@ -296,7 +297,6 @@ void __bpf_prog_free(struct bpf_prog *fp)
 int bpf_prog_calc_tag(struct bpf_prog *fp)
 {
        size_t size = bpf_prog_insn_size(fp);
-       u8 digest[SHA1_DIGEST_SIZE];
        struct bpf_insn *dst;
        bool was_ld_map;
        u32 i;
@@ -327,8 +327,7 @@ int bpf_prog_calc_tag(struct bpf_prog *fp)
                        was_ld_map = false;
                }
        }
-       sha1((const u8 *)dst, size, digest);
-       memcpy(fp->tag, digest, sizeof(fp->tag));
+       sha256((u8 *)dst, size, fp->digest);
        vfree(dst);
        return 0;
 }

Updated as well

- KP
>
> Pls address comments and respin.