1digraph {
2  browser [label = "Browser"]
3  confirmationui_sign [color = "red", label = "internal/confui_sign.sock", shape = "rectangle"]
4  run_cvd
5  secure_env [label = < <B>secure_env</B> >, penwidth=2]
6  vmm [label = "crosvm / qemu"]
7  webRTC
8
9  subgraph fifos {
10    rank = same;
11
12    host_keymaster_in [color = "blue", label = "internal/keymaster_fifo_vm.in", shape = "rectangle"]
13    host_keymaster_out [color = "blue", label = "internal/keymaster_fifo_vm.out", shape = "rectangle"]
14    host_gatekeeper_in [color = "green", label = "internal/gatekeeper_fifo_vm.in", shape = "rectangle"]
15    host_gatekeeper_out [color = "green", label = "internal/gatekeeper_fifo_vm.out", shape = "rectangle"]
16    host_confirmationui_in [color = "red", label = "internal/confui_fifo_vm.in", shape = "rectangle"]
17    host_confirmationui_out [color = "red", label = "internal/confui_fifo_vm.out", shape = "rectangle"]
18    host_keymint_in [color = "blue", label = "internal/keymint_fifo_vm.in", shape = "rectangle"]
19    host_keymint_out [color = "blue", label = "internal/keymint_fifo_vm.out", shape = "rectangle"]
20  }
21
22  subgraph cluster_android {
23    label = "Android VM"
24    u_boot [label = "u-boot"]
25    confirmationui [color = "red", label = "ConfirmationUI HAL"]
26    gatekeeper [color = "green", label = "Gatekeeper HAL"]
27    subgraph cluster_keymint {
28      graph[style=dotted]
29      label = "One of:"
30      keymaster [color = "blue", label = "KeyMint (C++) HAL"]
31      keymint [color = "blue", label = "KeyMint (Rust) HAL"]
32    }
33
34    subgraph consoles {
35        rank = same;
36        confirmationui_console [color = "red", label = "/dev/hvc8", shape = "rectangle"]
37        gatekeeper_console [color = "green", label = "/dev/hvc4", shape = "rectangle"]
38        keymaster_console [color = "blue", label = "/dev/hvc3", shape = "rectangle"]
39        keymint_console [color = "blue", label = "/dev/hvc11", shape = "rectangle"]
40    }
41  }
42
43  browser -> webRTC
44  run_cvd -> secure_env
45
46  webRTC -> host_confirmationui_out -> vmm [dir = "back", color = "red"]
47  webRTC -> host_confirmationui_in -> vmm [color = "red"]
48  vmm -> confirmationui_console -> confirmationui [dir = "both", color = "red"]
49  { rank = same; secure_env -> confirmationui_sign -> webRTC [color = "red", dir = "both"] }
50
51  secure_env -> host_gatekeeper_out -> vmm [color = "green", dir = "back"]
52  secure_env -> host_gatekeeper_in -> vmm [color = "green"]
53  vmm -> gatekeeper_console -> gatekeeper [color = "green", dir = "both"]
54
55  secure_env -> host_keymaster_out -> vmm [color = "blue", dir = "back"]
56  secure_env -> host_keymaster_in -> vmm [color = "blue"]
57  vmm -> keymaster_console -> keymaster [color = "blue", dir = "both"]
58  keymaster_console -> u_boot [color = "blue", dir = "both"]
59
60  secure_env -> host_keymint_out -> vmm [color = "blue", dir = "back"]
61  secure_env -> host_keymint_in -> vmm [color = "blue"]
62  vmm -> keymint_console -> keymint [color = "blue", dir = "both"]
63
64}
65