4 * Copyright(c) 2015-2016 Intel Corporation. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * * Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * * Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * * Neither the name of Intel Corporation nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
40 #include <sys/queue.h>
43 #include <rte_common.h>
45 #include <rte_debug.h>
46 #include <rte_memory.h>
47 #include <rte_memzone.h>
48 #include <rte_tailq.h>
49 #include <rte_ether.h>
50 #include <rte_malloc.h>
51 #include <rte_launch.h>
53 #include <rte_per_lcore.h>
54 #include <rte_lcore.h>
55 #include <rte_atomic.h>
56 #include <rte_branch_prediction.h>
58 #include <rte_mempool.h>
60 #include <rte_string_fns.h>
61 #include <rte_spinlock.h>
62 #include <rte_hexdump.h>
66 #include "qat_crypto.h"
67 #include "adf_transport_access_macros.h"
70 static inline uint32_t
71 adf_modulo(uint32_t data, uint32_t shift);
74 qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg);
76 void qat_crypto_sym_clear_session(struct rte_cryptodev *dev,
79 struct qat_session *sess = session;
80 phys_addr_t cd_paddr = sess->cd_paddr;
82 PMD_INIT_FUNC_TRACE();
84 memset(sess, 0, qat_crypto_sym_get_session_private_size(dev));
86 sess->cd_paddr = cd_paddr;
91 qat_get_cmd_id(const struct rte_crypto_sym_xform *xform)
94 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL)
95 return ICP_QAT_FW_LA_CMD_CIPHER;
97 /* Authentication Only */
98 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH && xform->next == NULL)
99 return ICP_QAT_FW_LA_CMD_AUTH;
101 if (xform->next == NULL)
104 /* Cipher then Authenticate */
105 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
106 xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH)
107 return ICP_QAT_FW_LA_CMD_CIPHER_HASH;
109 /* Authenticate then Cipher */
110 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
111 xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER)
112 return ICP_QAT_FW_LA_CMD_HASH_CIPHER;
117 static struct rte_crypto_auth_xform *
118 qat_get_auth_xform(struct rte_crypto_sym_xform *xform)
121 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH)
130 static struct rte_crypto_cipher_xform *
131 qat_get_cipher_xform(struct rte_crypto_sym_xform *xform)
134 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER)
135 return &xform->cipher;
143 qat_crypto_sym_configure_session_cipher(struct rte_cryptodev *dev,
144 struct rte_crypto_sym_xform *xform, void *session_private)
146 struct qat_pmd_private *internals = dev->data->dev_private;
148 struct qat_session *session = session_private;
150 struct rte_crypto_cipher_xform *cipher_xform = NULL;
152 /* Get cipher xform from crypto xform chain */
153 cipher_xform = qat_get_cipher_xform(xform);
155 switch (cipher_xform->algo) {
156 case RTE_CRYPTO_CIPHER_AES_CBC:
157 if (qat_alg_validate_aes_key(cipher_xform->key.length,
158 &session->qat_cipher_alg) != 0) {
159 PMD_DRV_LOG(ERR, "Invalid AES cipher key size");
162 session->qat_mode = ICP_QAT_HW_CIPHER_CBC_MODE;
164 case RTE_CRYPTO_CIPHER_AES_GCM:
165 if (qat_alg_validate_aes_key(cipher_xform->key.length,
166 &session->qat_cipher_alg) != 0) {
167 PMD_DRV_LOG(ERR, "Invalid AES cipher key size");
170 session->qat_mode = ICP_QAT_HW_CIPHER_CTR_MODE;
172 case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
173 if (qat_alg_validate_snow3g_key(cipher_xform->key.length,
174 &session->qat_cipher_alg) != 0) {
175 PMD_DRV_LOG(ERR, "Invalid SNOW3G cipher key size");
178 session->qat_mode = ICP_QAT_HW_CIPHER_ECB_MODE;
180 case RTE_CRYPTO_CIPHER_NULL:
181 case RTE_CRYPTO_CIPHER_3DES_ECB:
182 case RTE_CRYPTO_CIPHER_3DES_CBC:
183 case RTE_CRYPTO_CIPHER_AES_ECB:
184 case RTE_CRYPTO_CIPHER_AES_CTR:
185 case RTE_CRYPTO_CIPHER_AES_CCM:
186 case RTE_CRYPTO_CIPHER_KASUMI_F8:
187 PMD_DRV_LOG(ERR, "Crypto: Unsupported Cipher alg %u",
191 PMD_DRV_LOG(ERR, "Crypto: Undefined Cipher specified %u\n",
196 if (cipher_xform->op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
197 session->qat_dir = ICP_QAT_HW_CIPHER_ENCRYPT;
199 session->qat_dir = ICP_QAT_HW_CIPHER_DECRYPT;
201 if (qat_alg_aead_session_create_content_desc_cipher(session,
202 cipher_xform->key.data,
203 cipher_xform->key.length))
209 rte_mempool_put(internals->sess_mp, session);
215 qat_crypto_sym_configure_session(struct rte_cryptodev *dev,
216 struct rte_crypto_sym_xform *xform, void *session_private)
218 struct qat_pmd_private *internals = dev->data->dev_private;
220 struct qat_session *session = session_private;
224 PMD_INIT_FUNC_TRACE();
226 /* Get requested QAT command id */
227 qat_cmd_id = qat_get_cmd_id(xform);
228 if (qat_cmd_id < 0 || qat_cmd_id >= ICP_QAT_FW_LA_CMD_DELIMITER) {
229 PMD_DRV_LOG(ERR, "Unsupported xform chain requested");
232 session->qat_cmd = (enum icp_qat_fw_la_cmd_id)qat_cmd_id;
233 switch (session->qat_cmd) {
234 case ICP_QAT_FW_LA_CMD_CIPHER:
235 session = qat_crypto_sym_configure_session_cipher(dev, xform, session);
237 case ICP_QAT_FW_LA_CMD_AUTH:
238 session = qat_crypto_sym_configure_session_auth(dev, xform, session);
240 case ICP_QAT_FW_LA_CMD_CIPHER_HASH:
241 session = qat_crypto_sym_configure_session_cipher(dev, xform, session);
242 session = qat_crypto_sym_configure_session_auth(dev, xform, session);
244 case ICP_QAT_FW_LA_CMD_HASH_CIPHER:
245 session = qat_crypto_sym_configure_session_auth(dev, xform, session);
246 session = qat_crypto_sym_configure_session_cipher(dev, xform, session);
248 case ICP_QAT_FW_LA_CMD_TRNG_GET_RANDOM:
249 case ICP_QAT_FW_LA_CMD_TRNG_TEST:
250 case ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE:
251 case ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE:
252 case ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE:
253 case ICP_QAT_FW_LA_CMD_MGF1:
254 case ICP_QAT_FW_LA_CMD_AUTH_PRE_COMP:
255 case ICP_QAT_FW_LA_CMD_CIPHER_PRE_COMP:
256 case ICP_QAT_FW_LA_CMD_DELIMITER:
257 PMD_DRV_LOG(ERR, "Unsupported Service %u",
261 PMD_DRV_LOG(ERR, "Unsupported Service %u",
268 rte_mempool_put(internals->sess_mp, session);
273 qat_crypto_sym_configure_session_auth(struct rte_cryptodev *dev,
274 struct rte_crypto_sym_xform *xform,
275 struct qat_session *session_private)
278 struct qat_pmd_private *internals = dev->data->dev_private;
279 struct qat_session *session = session_private;
280 struct rte_crypto_auth_xform *auth_xform = NULL;
281 struct rte_crypto_cipher_xform *cipher_xform = NULL;
282 auth_xform = qat_get_auth_xform(xform);
284 switch (auth_xform->algo) {
285 case RTE_CRYPTO_AUTH_SHA1_HMAC:
286 session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA1;
288 case RTE_CRYPTO_AUTH_SHA256_HMAC:
289 session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA256;
291 case RTE_CRYPTO_AUTH_SHA512_HMAC:
292 session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA512;
294 case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
295 session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC;
297 case RTE_CRYPTO_AUTH_AES_GCM:
298 case RTE_CRYPTO_AUTH_AES_GMAC:
299 session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_GALOIS_128;
301 case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
302 session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2;
304 case RTE_CRYPTO_AUTH_NULL:
305 case RTE_CRYPTO_AUTH_SHA1:
306 case RTE_CRYPTO_AUTH_SHA256:
307 case RTE_CRYPTO_AUTH_SHA512:
308 case RTE_CRYPTO_AUTH_SHA224:
309 case RTE_CRYPTO_AUTH_SHA224_HMAC:
310 case RTE_CRYPTO_AUTH_SHA384:
311 case RTE_CRYPTO_AUTH_SHA384_HMAC:
312 case RTE_CRYPTO_AUTH_MD5:
313 case RTE_CRYPTO_AUTH_MD5_HMAC:
314 case RTE_CRYPTO_AUTH_AES_CCM:
315 case RTE_CRYPTO_AUTH_KASUMI_F9:
316 case RTE_CRYPTO_AUTH_AES_CMAC:
317 case RTE_CRYPTO_AUTH_AES_CBC_MAC:
318 case RTE_CRYPTO_AUTH_ZUC_EIA3:
319 PMD_DRV_LOG(ERR, "Crypto: Unsupported hash alg %u",
323 PMD_DRV_LOG(ERR, "Crypto: Undefined Hash algo %u specified",
327 cipher_xform = qat_get_cipher_xform(xform);
329 if ((session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_128) ||
330 (session->qat_hash_alg ==
331 ICP_QAT_HW_AUTH_ALGO_GALOIS_64)) {
332 if (qat_alg_aead_session_create_content_desc_auth(session,
333 cipher_xform->key.data,
334 cipher_xform->key.length,
335 auth_xform->add_auth_data_length,
336 auth_xform->digest_length))
339 if (qat_alg_aead_session_create_content_desc_auth(session,
340 auth_xform->key.data,
341 auth_xform->key.length,
342 auth_xform->add_auth_data_length,
343 auth_xform->digest_length))
349 rte_mempool_put(internals->sess_mp, session);
353 unsigned qat_crypto_sym_get_session_private_size(
354 struct rte_cryptodev *dev __rte_unused)
356 return RTE_ALIGN_CEIL(sizeof(struct qat_session), 8);
361 qat_pmd_enqueue_op_burst(void *qp, struct rte_crypto_op **ops,
364 register struct qat_queue *queue;
365 struct qat_qp *tmp_qp = (struct qat_qp *)qp;
366 register uint32_t nb_ops_sent = 0;
367 register struct rte_crypto_op **cur_op = ops;
369 uint16_t nb_ops_possible = nb_ops;
370 register uint8_t *base_addr;
371 register uint32_t tail;
374 /* read params used a lot in main loop into registers */
375 queue = &(tmp_qp->tx_q);
376 base_addr = (uint8_t *)queue->base_addr;
379 /* Find how many can actually fit on the ring */
380 overflow = rte_atomic16_add_return(&tmp_qp->inflights16, nb_ops)
381 - queue->max_inflights;
383 rte_atomic16_sub(&tmp_qp->inflights16, overflow);
384 nb_ops_possible = nb_ops - overflow;
385 if (nb_ops_possible == 0)
389 while (nb_ops_sent != nb_ops_possible) {
390 ret = qat_write_hw_desc_entry(*cur_op, base_addr + tail);
392 tmp_qp->stats.enqueue_err_count++;
393 if (nb_ops_sent == 0)
398 tail = adf_modulo(tail + queue->msg_size, queue->modulo);
403 WRITE_CSR_RING_TAIL(tmp_qp->mmap_bar_addr, queue->hw_bundle_number,
404 queue->hw_queue_number, tail);
406 tmp_qp->stats.enqueued_count += nb_ops_sent;
411 qat_pmd_dequeue_op_burst(void *qp, struct rte_crypto_op **ops,
414 struct qat_queue *queue;
415 struct qat_qp *tmp_qp = (struct qat_qp *)qp;
416 uint32_t msg_counter = 0;
417 struct rte_crypto_op *rx_op;
418 struct icp_qat_fw_comn_resp *resp_msg;
420 queue = &(tmp_qp->rx_q);
421 resp_msg = (struct icp_qat_fw_comn_resp *)
422 ((uint8_t *)queue->base_addr + queue->head);
424 while (*(uint32_t *)resp_msg != ADF_RING_EMPTY_SIG &&
425 msg_counter != nb_ops) {
426 rx_op = (struct rte_crypto_op *)(uintptr_t)
427 (resp_msg->opaque_data);
429 #ifdef RTE_LIBRTE_PMD_QAT_DEBUG_RX
430 rte_hexdump(stdout, "qat_response:", (uint8_t *)resp_msg,
431 sizeof(struct icp_qat_fw_comn_resp));
433 if (ICP_QAT_FW_COMN_STATUS_FLAG_OK !=
434 ICP_QAT_FW_COMN_RESP_CRYPTO_STAT_GET(
435 resp_msg->comn_hdr.comn_status)) {
436 rx_op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
438 rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
440 *(uint32_t *)resp_msg = ADF_RING_EMPTY_SIG;
441 queue->head = adf_modulo(queue->head +
443 ADF_RING_SIZE_MODULO(queue->queue_size));
444 resp_msg = (struct icp_qat_fw_comn_resp *)
445 ((uint8_t *)queue->base_addr +
451 if (msg_counter > 0) {
452 WRITE_CSR_RING_HEAD(tmp_qp->mmap_bar_addr,
453 queue->hw_bundle_number,
454 queue->hw_queue_number, queue->head);
455 rte_atomic16_sub(&tmp_qp->inflights16, msg_counter);
456 tmp_qp->stats.dequeued_count += msg_counter;
462 qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg)
464 struct qat_session *ctx;
465 struct icp_qat_fw_la_cipher_req_params *cipher_param;
466 struct icp_qat_fw_la_auth_req_params *auth_param;
467 register struct icp_qat_fw_la_bulk_req *qat_req;
469 #ifdef RTE_LIBRTE_PMD_QAT_DEBUG_TX
470 if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC)) {
471 PMD_DRV_LOG(ERR, "QAT PMD only supports symmetric crypto "
472 "operation requests, op (%p) is not a "
473 "symmetric operation.", op);
477 if (unlikely(op->sym->type == RTE_CRYPTO_SYM_OP_SESSIONLESS)) {
478 PMD_DRV_LOG(ERR, "QAT PMD only supports session oriented"
479 " requests, op (%p) is sessionless.", op);
483 if (unlikely(op->sym->session->type != RTE_CRYPTODEV_QAT_SYM_PMD)) {
484 PMD_DRV_LOG(ERR, "Session was not created for this device");
488 ctx = (struct qat_session *)op->sym->session->_private;
489 qat_req = (struct icp_qat_fw_la_bulk_req *)out_msg;
490 *qat_req = ctx->fw_req;
491 qat_req->comn_mid.opaque_data = (uint64_t)(uintptr_t)op;
494 * The following code assumes:
495 * - single entry buffer.
498 qat_req->comn_mid.dst_length =
499 qat_req->comn_mid.src_length =
500 rte_pktmbuf_data_len(op->sym->m_src);
501 qat_req->comn_mid.dest_data_addr =
502 qat_req->comn_mid.src_data_addr =
503 rte_pktmbuf_mtophys(op->sym->m_src);
504 cipher_param = (void *)&qat_req->serv_specif_rqpars;
505 auth_param = (void *)((uint8_t *)cipher_param + sizeof(*cipher_param));
507 cipher_param->cipher_length = op->sym->cipher.data.length;
508 cipher_param->cipher_offset = op->sym->cipher.data.offset;
509 if (op->sym->cipher.iv.length && (op->sym->cipher.iv.length <=
510 sizeof(cipher_param->u.cipher_IV_array))) {
511 rte_memcpy(cipher_param->u.cipher_IV_array,
512 op->sym->cipher.iv.data,
513 op->sym->cipher.iv.length);
515 ICP_QAT_FW_LA_CIPH_IV_FLD_FLAG_SET(
516 qat_req->comn_hdr.serv_specif_flags,
517 ICP_QAT_FW_CIPH_IV_64BIT_PTR);
518 cipher_param->u.s.cipher_IV_ptr = op->sym->cipher.iv.phys_addr;
520 if (op->sym->auth.digest.phys_addr) {
521 ICP_QAT_FW_LA_DIGEST_IN_BUFFER_SET(
522 qat_req->comn_hdr.serv_specif_flags,
523 ICP_QAT_FW_LA_NO_DIGEST_IN_BUFFER);
524 auth_param->auth_res_addr = op->sym->auth.digest.phys_addr;
526 auth_param->auth_off = op->sym->auth.data.offset;
527 auth_param->auth_len = op->sym->auth.data.length;
529 auth_param->u1.aad_adr = op->sym->auth.aad.phys_addr;
530 /* (GCM) aad length(240 max) will be at this location after precompute */
531 if (ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_128 ||
532 ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_64) {
533 auth_param->u2.aad_sz =
534 ALIGN_POW2_ROUNDUP(ctx->cd.hash.sha.state1[
535 ICP_QAT_HW_GALOIS_128_STATE1_SZ +
536 ICP_QAT_HW_GALOIS_H_SZ + 3], 16);
538 auth_param->hash_state_sz = (auth_param->u2.aad_sz) >> 3;
541 #ifdef RTE_LIBRTE_PMD_QAT_DEBUG_TX
542 rte_hexdump(stdout, "qat_req:", qat_req,
543 sizeof(struct icp_qat_fw_la_bulk_req));
544 rte_hexdump(stdout, "src_data:",
545 rte_pktmbuf_mtod(op->sym->m_src, uint8_t*),
546 rte_pktmbuf_data_len(op->sym->m_src));
547 rte_hexdump(stdout, "iv:", op->sym->cipher.iv.data,
548 op->sym->cipher.iv.length);
549 rte_hexdump(stdout, "digest:", op->sym->auth.digest.data,
550 op->sym->auth.digest.length);
551 rte_hexdump(stdout, "aad:", op->sym->auth.aad.data,
552 op->sym->auth.aad.length);
557 static inline uint32_t adf_modulo(uint32_t data, uint32_t shift)
559 uint32_t div = data >> shift;
560 uint32_t mult = div << shift;
565 void qat_crypto_sym_session_init(struct rte_mempool *mp, void *priv_sess)
567 struct qat_session *s = priv_sess;
569 PMD_INIT_FUNC_TRACE();
570 s->cd_paddr = rte_mempool_virt2phy(mp, &s->cd);
573 int qat_dev_config(__rte_unused struct rte_cryptodev *dev)
575 PMD_INIT_FUNC_TRACE();
579 int qat_dev_start(__rte_unused struct rte_cryptodev *dev)
581 PMD_INIT_FUNC_TRACE();
585 void qat_dev_stop(__rte_unused struct rte_cryptodev *dev)
587 PMD_INIT_FUNC_TRACE();
590 int qat_dev_close(struct rte_cryptodev *dev)
594 PMD_INIT_FUNC_TRACE();
596 for (i = 0; i < dev->data->nb_queue_pairs; i++) {
597 ret = qat_crypto_sym_qp_release(dev, i);
605 void qat_dev_info_get(__rte_unused struct rte_cryptodev *dev,
606 struct rte_cryptodev_info *info)
608 struct qat_pmd_private *internals = dev->data->dev_private;
610 PMD_INIT_FUNC_TRACE();
612 info->max_nb_queue_pairs =
613 ADF_NUM_SYM_QPS_PER_BUNDLE *
614 ADF_NUM_BUNDLES_PER_DEV;
616 info->sym.max_nb_sessions = internals->max_nb_sessions;
617 info->dev_type = RTE_CRYPTODEV_QAT_SYM_PMD;
621 void qat_crypto_sym_stats_get(struct rte_cryptodev *dev,
622 struct rte_cryptodev_stats *stats)
625 struct qat_qp **qp = (struct qat_qp **)(dev->data->queue_pairs);
627 PMD_INIT_FUNC_TRACE();
629 PMD_DRV_LOG(ERR, "invalid stats ptr NULL");
632 for (i = 0; i < dev->data->nb_queue_pairs; i++) {
634 PMD_DRV_LOG(DEBUG, "Uninitialised queue pair");
638 stats->enqueued_count += qp[i]->stats.enqueued_count;
639 stats->dequeued_count += qp[i]->stats.enqueued_count;
640 stats->enqueue_err_count += qp[i]->stats.enqueue_err_count;
641 stats->dequeue_err_count += qp[i]->stats.enqueue_err_count;
645 void qat_crypto_sym_stats_reset(struct rte_cryptodev *dev)
648 struct qat_qp **qp = (struct qat_qp **)(dev->data->queue_pairs);
650 PMD_INIT_FUNC_TRACE();
651 for (i = 0; i < dev->data->nb_queue_pairs; i++)
652 memset(&(qp[i]->stats), 0, sizeof(qp[i]->stats));
653 PMD_DRV_LOG(DEBUG, "QAT crypto: stats cleared");