Comment 5 for bug 1845986

As noted by Sean at [1]

> right so to clarify, in its current state on master,
> SEV will only cause the error below if you enable have the following image metadata properties are set
>
> (hw_disk_bus=scsi or hw_cdrom_bus=scsi) and hw_scsi_modle=virtio-scsi
> hw_video_model=virtio (this is the default on arm but SEV only works on AMD x86_64
> hw_qemu_guest_agent=yes
>
> in all other cases it should work correctly.
>
> the error is caused because when any of the above combination of image properties are set a virio devices
> is created without instruct qemu to use dma mappable memory for the device by setting driver=iommu.
>
> as a result SEV will try to encrypt the device memory which will cause the guest kernel to lockup when udev tries to initialise the devices.
>
> sev will be functional if the default disk/video models are used and if the qemu disk agent is not used.

[1] https://review.opendev.org/#/c/686414/1/releasenotes/notes/bug-1845986-95cbede0a296b088.yaml@5