Announcement: Preloaded disposables #146
Conversation
ben-grande
force-pushed
the
announce-preload
branch
from
9bb3cee to
03f7a19
Compare
ben-grande
force-pushed
the
announce-preload
branch
2 times, most recently
from
3592218 to
6de57d2
Compare
ben-grande
force-pushed
the
announce-preload
branch
2 times, most recently
from
51a71c0 to
c38969c
Compare
2025-07-10-preloaded-disposables.md
Outdated
| Or use the equivalent command-line operation: | ||
|
|
||
| ```shell | ||
| qvm-features dom0 preload-dispvm-max 10 |
There was a problem hiding this comment.
While in theory the exact value doesn't matter as an example, in practice people will use this as-is when trying it out. 10 dispvms is a lot, and will use considerable amount of memory, especially relevant for systems with not a lot of RAM... More preloaded disposables is useful only if you use them quickly one after another (qubes builder likely will be such example), but for normal usage (for example using disposables to view/edit documents) I'd say even 1 or 2 is a reasonable value.
ben-grande
force-pushed
the
announce-preload
branch
from
c38969c to
b98e97b
Compare
2025-07-10-preloaded-disposables.md
Outdated
|
|
||
| --> | ||
|
|
||
| ## Know issues |
There was a problem hiding this comment.
| ## Know issues | |
| ## Known issues |
2025-07-10-preloaded-disposables.md
Outdated
| A [disposable](/doc/how-to-use-disposables/) is a lightweight qube that can be | ||
| created quickly and will self-destruct when closed. Disposables are usually | ||
| created in order to host and execute untrusted code, be it on the software | ||
| level a single application (like a viewer, editor or web browser) or the |
There was a problem hiding this comment.
| level a single application (like a viewer, editor or web browser) or the | |
| level of a single application (like a viewer, editor or web browser) or the |
2025-07-10-preloaded-disposables.md
Outdated
| created quickly and will self-destruct when closed. Disposables are usually | ||
| created in order to host and execute untrusted code, be it on the software | ||
| level a single application (like a viewer, editor or web browser) or the | ||
| hardware level ([PCI passtrough](/doc/how-to-use-pci-devices/)). |
There was a problem hiding this comment.
| hardware level ([PCI passtrough](/doc/how-to-use-pci-devices/)). | |
| hardware level (e.g., for [PCI passthrough](/doc/how-to-use-pci-devices/)). |
2025-07-10-preloaded-disposables.md
Outdated
| for every new task. Unnamed disposables are ideal for this use case. So, what | ||
| is the problem with them? The caller has to wait for a complete qube startup | ||
| before running the desired application. The delay might seem a minor annoyance | ||
| at first, but over a prolonged period, fatigued users run applications on |
There was a problem hiding this comment.
| at first, but over a prolonged period, fatigued users run applications on | |
| at first, but over a prolonged period, fatigued users tend to reuse |
2025-07-10-preloaded-disposables.md
Outdated
| is the problem with them? The caller has to wait for a complete qube startup | ||
| before running the desired application. The delay might seem a minor annoyance | ||
| at first, but over a prolonged period, fatigued users run applications on | ||
| already tainted qubes or in the qube itself to avoid the waiting time. |
There was a problem hiding this comment.
| already tainted qubes or in the qube itself to avoid the waiting time. | |
| tainted disposables or run applications in non-disposable qubes to avoid the waiting time. |
2025-07-10-preloaded-disposables.md
Outdated
| at first, but over a prolonged period, fatigued users run applications on | ||
| already tainted qubes or in the qube itself to avoid the waiting time. | ||
|
|
||
| The problem is not the user's lack of understanding or lack of documentation |
There was a problem hiding this comment.
| The problem is not the user's lack of understanding or lack of documentation | |
| The problem is not the user's lack of understanding or a lack of documentation |
2025-07-10-preloaded-disposables.md
Outdated
| already tainted qubes or in the qube itself to avoid the waiting time. | ||
|
|
||
| The problem is not the user's lack of understanding or lack of documentation | ||
| but how the user perceives the system. If the system is slow, the user will |
There was a problem hiding this comment.
| but how the user perceives the system. If the system is slow, the user will | |
| but how the user perceives the system. If the system is slow, many users will |
2025-07-10-preloaded-disposables.md
Outdated
|
|
||
| Yes! It can do better. | ||
|
|
||
| In the project lead's presentation |
There was a problem hiding this comment.
| In the project lead's presentation | |
| Qubes OS project lead Marek Marczykowski-Górecki, in his |
2025-07-10-preloaded-disposables.md
Outdated
|
|
||
| In the project lead's presentation | ||
| [Qubes OS development status update](https://cfp.3mdeb.com/qubes-os-summit-2024/talk/AWCBJ8/) | ||
| at the Qubes OS Summit 2024, it was mentioned that there was intent for faster |
There was a problem hiding this comment.
| at the Qubes OS Summit 2024, it was mentioned that there was intent for faster | |
| at Qubes OS Summit 2024, mentioned plans for faster |
2025-07-10-preloaded-disposables.md
Outdated
| In the project lead's presentation | ||
| [Qubes OS development status update](https://cfp.3mdeb.com/qubes-os-summit-2024/talk/AWCBJ8/) | ||
| at the Qubes OS Summit 2024, it was mentioned that there was intent for faster | ||
| disposable qube usage for this release. Here is where preloaded disposables |
There was a problem hiding this comment.
| disposable qube usage for this release. Here is where preloaded disposables | |
| disposables in Qubes OS 4.3. Here is where preloaded disposables |
2025-07-10-preloaded-disposables.md
Outdated
| [Qubes OS development status update](https://cfp.3mdeb.com/qubes-os-summit-2024/talk/AWCBJ8/) | ||
| at the Qubes OS Summit 2024, it was mentioned that there was intent for faster | ||
| disposable qube usage for this release. Here is where preloaded disposables | ||
| enters. |
There was a problem hiding this comment.
| enters. | |
| enter. |
There was a problem hiding this comment.
Isn't the subject preloaded disposables an it? Here is where it enters?
There was a problem hiding this comment.
preloaded disposables is plural.
2025-07-10-preloaded-disposables.md
Outdated
| suspended, as appropriate) and resumed (transparently) when a disposable qube | ||
| is requested by the user. | ||
|
|
||
| When the qube is preloaded, the qube application listing or the qube entry |
There was a problem hiding this comment.
| When the qube is preloaded, the qube application listing or the qube entry | |
| When the qube is preloaded, the qube application listing and the qube entry |
2025-07-10-preloaded-disposables.md
Outdated
| is requested by the user. | ||
|
|
||
| When the qube is preloaded, the qube application listing or the qube entry | ||
| itself is hidden from GUI applications such as the app menu and the Qrexec |
There was a problem hiding this comment.
| itself is hidden from GUI applications such as the app menu and the Qrexec | |
| itself are hidden from GUI applications such as the app menu and the Qrexec |
2025-07-10-preloaded-disposables.md
Outdated
| When the qube is preloaded, the qube application listing or the qube entry | ||
| itself is hidden from GUI applications such as the app menu and the Qrexec | ||
| Policy Ask prompt. This is by design to avoid contamination. A preload is not | ||
| something you use directly, but indirectly. |
There was a problem hiding this comment.
| something you use directly, but indirectly. | |
| something intended to be used directly, but indirectly. |
2025-07-10-preloaded-disposables.md
Outdated
| something you use directly, but indirectly. | ||
|
|
||
| The use of preloaded disposables is transparent, indistinguishable from the | ||
| usage of unnamed disposables. Requesting the creation of a new unnamed |
There was a problem hiding this comment.
| usage of unnamed disposables. Requesting the creation of a new unnamed | |
| use of unnamed disposables. Requesting the creation of a new unnamed |
2025-07-10-preloaded-disposables.md
Outdated
|
|
||
| The use of preloaded disposables is transparent, indistinguishable from the | ||
| usage of unnamed disposables. Requesting the creation of a new unnamed | ||
| disposable will instead mark a preload as used and reply with an already |
There was a problem hiding this comment.
| disposable will instead mark a preload as used and reply with an already | |
| disposable will instead mark a preload as used and reply with an already- |
2025-07-10-preloaded-disposables.md
Outdated
| usage of unnamed disposables. Requesting the creation of a new unnamed | ||
| disposable will instead mark a preload as used and reply with an already | ||
| running preloaded disposable, followed by the creation of a substitute. A | ||
| preload that is marked as used ceases to be a preload. It's applications |
There was a problem hiding this comment.
| preload that is marked as used ceases to be a preload. It's applications | |
| preload that is marked as used ceases to be a preload. Its application |
|
@ben-grande: I find myself suggesting changes for some of the same typos/errors more than once. It looks like maybe you're trying to manually implement my suggested changes but not actually implementing some of them or accidentally reverting some changes? You might want to use the "commit suggestion" feature (assuming you agree with the changes) to make this easier. Alternatively, I could just do an editing pass right before publication instead of iteratively while you're still revising the draft. The current workflow seems a bit inefficient for both of us, so I'll pause here for now. :) |
ben-grande
force-pushed
the
announce-preload
branch
from
b98e97b to
a68d701
Compare
Yes, I implement all the changes manually instead of copying from the Github WebUI to my code editor. I hope that one day the add to batch suggestion actually open an interface where it shows a patch instead of just prompting to commit in browser. About the same errors resurfacing... I don't really know what happened, I verified each suggestion manually. About making things easier, you are welcome to do a last pass when the draft is completed. Thanks for your effort so far. |
ben-grande
force-pushed
the
announce-preload
branch
from
a68d701 to
0332c49
Compare
ben-grande
force-pushed
the
announce-preload
branch
from
0332c49 to
601fef0
Compare
ben-grande
force-pushed
the
announce-preload
branch
from
601fef0 to
2bddc7a
Compare
2025-XX-XX-preloaded-disposables.md
Outdated
| A [disposable](/doc/how-to-use-disposables/) is a lightweight qube that can be | ||
| created quickly and will self-destruct when closed. Disposables are usually |
There was a problem hiding this comment.
The new definition introduced in QubesOS/qubes-doc#1554 is better.
2025-XX-XX-preloaded-disposables.md
Outdated
| There are two kinds of disposables, unnamed and named. The difference between | ||
| them (besides one having a fixed name) is that unnamed disposables are | ||
| destroyed when closing the first application opened in them while the user | ||
| must explicitly shut down named disposables. |
There was a problem hiding this comment.
I mentioned this about QubesOS/qubes-doc#1554 but it is not exactly true when attaching devices.
There was a problem hiding this comment.
I included this in the glossary and the how to. I am not sure I will add it here.
| GUI daemon only starts the connection with the qube's GUI agent when the | ||
| preload disposable is marked as used. | ||
|
|
||
| [](/attachment/posts/preload-graph_01_stack_stack_0.png) |
There was a problem hiding this comment.
These kind of graphs should provide a full textual description. Maybe the easiest way to do that would be to provide tables too?
There was a problem hiding this comment.
Ideally, matplotlib would automatically generate them. I found out there is matplotlibalt, but installation is only via pip...
See that OpenQA is already generating graphs, which is nice. Matplotalt has an option img_file that can save alt text to JPEG. But for that to hapen on CI, I would need to get a pip package to dom0 using a wrapper to bypass network restrictions (probably there is an integrated script for that already or the curl wrapper CI uses to fetch from local network), or copy the results to a vm, install matplotalt in a vm, generate the results there and them copy them to dom0 so they can be uploaded to OpenQA at the end of the job. @marmarek ?
Or I can fix jjust this case by writing the results manually.
2025-XX-XX-preloaded-disposables.md
Outdated
| with `qvm-console-dispvm`. The default qube for those operations is | ||
| `default-mgmt-dvm`: | ||
|
|
||
| [](/attachment/posts/preload-local.png) |
There was a problem hiding this comment.
The alt isn't consistent (should be "qube's settings") and a detailed textual description should be provided.
2025-XX-XX-preloaded-disposables.md
Outdated
| If you use the global `default_dispvm` a lot, you can target the global | ||
| preload setting by setting the feature on `dom0`: | ||
|
|
||
| [](/attachment/posts/preload-global.png) |
There was a problem hiding this comment.
A detailed textual description should be provided here too.
ben-grande
force-pushed
the
announce-preload
branch
from
2bddc7a to
0cc4549
Compare
| destroyed when closing the first application opened in them (on most | ||
| workflows) while the user must explicitly shut down named disposables. |
There was a problem hiding this comment.
(on most workflows)
Nice balance between precision and readability!
2025-XX-XX-preloaded-disposables.md
Outdated
| with `qvm-console-dispvm`. The default qube for those operations is | ||
| `default-mgmt-dvm`: | ||
|
|
||
| [](/attachment/posts/preload-local.png) |
ben-grande
force-pushed
the
announce-preload
branch
from
0cc4549 to
15b5d0a
Compare
ben-grande
force-pushed
the
announce-preload
branch
from
15b5d0a to
d22444a
Compare
4 participants
Depends:
Graphs are finished, they should be added to
qubes-attachmentand also, I think it is a good idea to update the disposable documentation before this post is published, because the docs is outdated, I will do it this week and reference bits of the documentation in this post.