Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2025-03-29 17:58:00 -04:00
Code Issues Packages Projects Releases Wiki Activity

Update Glossary

Browse Source 
* Add definition for "VM"
* Re-define "domain" (QubesOS/qubes-issues#1015)
* Add cross-reference links throughout the page
* Many other small updates and fixes
This commit is contained in:
Andrew David Wong 2016-05-25 01:52:38 -07:00
parent fdeab1e478
commit c120d0043f
No known key found for this signature in database
GPG Key ID: 8CE137352A019A17
1 changed files with 54 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
reference/glossary.md
View File

@ -22,9 +22,14 @@ compartmentalized (or isolated) in separate **qubes**.
technical contexts where spaces are not permitted, (e.g., usernames), the technical contexts where spaces are not permitted, (e.g., usernames), the
space may be omitted, as in `QubesOS`. space may be omitted, as in `QubesOS`.
VM
--
An abbreviation for "virtual machine." A software implementation of a machine
(for example, a computer) which executes programs like a physical machine.
Qube Qube
---- ----
A user-friendly term for a **domain** (i.e., a VM) in Qubes OS. A user-friendly term for a [VM](#vm) in Qubes OS.
* Example: "In Qubes OS, you do your banking in your 'banking' qube and your * Example: "In Qubes OS, you do your banking in your 'banking' qube and your
web surfing in your 'untrusted' qube. That way, if your 'untrusted' qube is web surfing in your 'untrusted' qube. That way, if your 'untrusted' qube is
@ -38,41 +43,50 @@ A user-friendly term for a **domain** (i.e., a VM) in Qubes OS.
* The term "qube" should be lowercase unless it is the first word in a * The term "qube" should be lowercase unless it is the first word in a
sentence. Note that starting a sentence with the plural of "qube" (i.e., sentence. Note that starting a sentence with the plural of "qube" (i.e.,
"Qubes...") can be ambiguous, since it may not be clear whether the referent "Qubes...") can be ambiguous, since it may not be clear whether the referent
is a collection of qubes or Qubes OS. is a collection of qubes or [Qubes OS](#qubes-os).
Domain Domain
------ ------
A synonym for **virtual machine (VM)**. A software implementation of a machine An area or set of activities in one's digital life that has certain security
(for example, a computer) which executes programs like a physical machine. requirements and therefore involves the use of certain [qubes](#qube). For
example, suppose your "email" domain encompasses the activity of sending
PGP-encrypted email. This domain may include your email qube and your [Split
GPG](/doc/split-gpg) qube. Note that domains and qubes are not the same thing.
In this example, your "email" domain includes the use of two qubes. Furthermore,
a qube can fall under multiple domains simultaneously. For example, your Split
GPG qube may also be part of your "software development" domain if you PGP-sign
your Git commits.
Dom0 Dom0
---- ----
Domain Zero. Also known as the **host** domain, dom0 is the initial domain Domain Zero. Also known as the **host** domain, dom0 is the initial VM
started by the Xen hypervisor on boot. Dom0 runs the Xen management toolstack started by the Xen hypervisor on boot. Dom0 runs the Xen management toolstack
and has special privileges relative to other domains, such as direct access to and has special privileges relative to other domains, such as direct access to
most hardware. most hardware. (Note that the use of "domain" for a synonym for "VM" is specific
to Xen. Qubes diverges from this practice. See: [domain](#domain).)
DomU DomU
---- ----
Unprivileged Domain. Also known as **guest** domains, domUs are the counterparts Unprivileged Domain. Also known as **guest** domains, domUs are the counterparts
to dom0. All domains except dom0 are domUs. By default, most domUs lack direct to dom0. All VMs except dom0 are domUs. By default, most domUs lack direct
hardware access. hardware access. (Note that the use of "domain" for a synonym for "VM" is
specific to Xen. Qubes diverges from this practice. See: [domain](#domain).)
TemplateVM TemplateVM
---------- ----------
Template Virtual Machine. Any VM which supplies its root filesystem to another Template Virtual Machine. Any [VM](#vm) which supplies its root filesystem to
VM. TemplateVMs are intended for installing and updating software applications, another VM. TemplateVMs are intended for installing and updating software
but not for running them. applications, but not for running them.
* Colloquially, TemplateVMs are often referred to as "templates." * Colloquially, TemplateVMs are often referred to as "templates."
TemplateBasedVM TemplateBasedVM
--------------- ---------------
Any VM which depends on a TemplateVM for its root filesystem. Any [VM](#vm) which depends on a TemplateVM for its root filesystem.
Standalone(VM) Standalone(VM)
-------------- --------------
Standalone (Virtual Machine). In general terms, a VM is described as Standalone (Virtual Machine). In general terms, a [VM](#vm) is described as
**standalone** if and only if it does not depend on any other VM for its root **standalone** if and only if it does not depend on any other VM for its root
filesystem. (In other words, a VM is standalone if and only if it is not a filesystem. (In other words, a VM is standalone if and only if it is not a
TemplateBasedVM.) More specifically, a **StandaloneVM** is a type of VM in Qubes TemplateBasedVM.) More specifically, a **StandaloneVM** is a type of VM in Qubes
@ -82,15 +96,16 @@ while a TemplateVM is a type of standalone VM, it is not a StandaloneVM.)
AppVM AppVM
----- -----
Application Virtual Machine. A VM which is intended for running software Application Virtual Machine. A [VM](#vm) which is intended for running software
applications. Typically a TemplateBasedVM, but may be a StandaloneVM. Never a applications. Typically a TemplateBasedVM, but may be a StandaloneVM. Never a
TemplateVM. TemplateVM.
NetVM NetVM
----- -----
Network Virtual Machine. A type of VM which connects directly to a network and Network Virtual Machine. A type of [VM](#vm) which connects directly to a
provides access to that network to other VMs which connect to the NetVM. A NetVM network and provides access to that network to other VMs which connect to the
called `sys-net` is created by default in most Qubes installations. NetVM. A NetVM called `sys-net` is created by default in most Qubes
installations.
Alternatively, "NetVM" may refer to whichever VM is directly connected to a VM Alternatively, "NetVM" may refer to whichever VM is directly connected to a VM
for networking purposes. For example, if `untrusted` is directly connected to for networking purposes. For example, if `untrusted` is directly connected to
@ -99,32 +114,32 @@ is `untrusted`'s NetVM," even though `sys-firewall` is a ProxyVM.
ProxyVM ProxyVM
------- -------
Proxy Virtual Machine. A type of VM which proxies network access for other VMs. Proxy Virtual Machine. A type of [VM](#vm) which proxies network access for
Typically, a ProxyVM sits between a NetVM and another VM (such as an AppVM or a other VMs. Typically, a ProxyVM sits between a NetVM and another VM (such as an
TemplateVM) which requires network access. AppVM or a TemplateVM) which requires network access.
FirewallVM FirewallVM
---------- ----------
Firewall Virtual Machine. A type of ProxyVM which is used to enforce Firewall Virtual Machine. A type of [ProxyVM](#proxyvm) which is used to enforce
network-level policies (a.k.a. "firewall rules"). A FirewallVM called network-level policies (a.k.a. "firewall rules"). A FirewallVM called
`sys-firewall` is created by default in most Qubes installations. `sys-firewall` is created by default in most Qubes installations.
DispVM DispVM
------ ------
Disposable Virtual Machine. A temporary AppVM which can quickly be created, Disposable Virtual Machine. A temporary [AppVM](#appvm) which can quickly be
used, and destroyed. created, used, and destroyed.
DVM DVM
--- ---
An abbreviation of **DispVM**, typically used to refer to the TemplateVM on An abbreviation of [DispVM](#dispvm), typically used to refer to the TemplateVM
which DispVMs are based. By default, a VM named `fedora-XX-dvm` is created on on which DispVMs are based. By default, a VM named `fedora-XX-dvm` is created on
most Qubes installations (where `XX` is the current Fedora version). most Qubes installations (where `XX` is the current Fedora version).
PV PV
-- --
Paravirtualization. An efficient and lightweight virtualization technique Paravirtualization. An efficient and lightweight virtualization technique
originally introduced by the Xen Project and later adopted by other originally introduced by the Xen Project and later adopted by other
virtualization platforms. Unlike HVMs, paravirtualized VMs do not require virtualization platforms. Unlike HVMs, paravirtualized [VMs](#vm) do not require
virtualization extensions from the host CPU. However, paravirtualized VMs virtualization extensions from the host CPU. However, paravirtualized VMs
require a PV-enabled kernel and PV drivers, so the guests are aware of the require a PV-enabled kernel and PV drivers, so the guests are aware of the
hypervisor and can run efficiently without emulation or virtual emulated hypervisor and can run efficiently without emulation or virtual emulated
@ -132,26 +147,29 @@ hardware.
HVM HVM
--- ---
Hardware Virtual Machine. Any fully virtualized, or hardware-assisted, VM Hardware Virtual Machine. Any fully virtualized, or hardware-assisted, [VM](#vm)
utilizing the virtualization extensions of the host CPU. Although HVMs are utilizing the virtualization extensions of the host CPU. Although HVMs are
typically slower than paravirtualized VMs due to the required emulation, HVMs typically slower than paravirtualized VMs due to the required emulation, HVMs
allow the user to create domains based on any operating system. allow the user to create domains based on any operating system.
StandaloneHVM StandaloneHVM
------------- -------------
Any HVM which is standalone (i.e., does not depend on any other VM for its root Any [HVM](#hvm) which is standalone (i.e., does not depend on any other VM for
filesystem). In Qubes, StandaloneHVMs are referred to simply as **HVMs**. its root filesystem). In Qubes, StandaloneHVMs are referred to simply as
**HVMs**.
TemplateHVM TemplateHVM
----------- -----------
Any HVM which functions as a TemplateVM by supplying its root filesystem to Any [HVM](#hvm) which functions as a [TemplateVM](#templatevm) by supplying its
other VMs. In Qubes, TemplateHVMs are referred to as **HVM templates**. root filesystem to other VMs. In Qubes, TemplateHVMs are referred to as **HVM
templates**.
PVH PVH
--- ---
PV on HVM. To boost performance, fully virtualized HVM guests can use special [PV](#pv) on [HVM](#hvm). To boost performance, fully virtualized HVM guests can
paravirtual device drivers (PVHVM or PV-on-HVM drivers). These drivers are use special paravirtual device drivers (PVHVM or PV-on-HVM drivers). These
optimized PV drivers for HVM environments and bypass the emulation for disk and drivers are optimized PV drivers for HVM environments and bypass the emulation
network I/O, thus providing PV-like (or better) performance on HVM systems. This for disk and network I/O, thus providing PV-like (or better) performance on HVM
allows for optimal performance on guest operating systems such as Windows. systems. This allows for optimal performance on guest operating systems such as
Windows.