From 9545edc79d75e75d47c51d5da651975c01e919ec Mon Sep 17 00:00:00 2001
From: Stephen Finucane <sfinucan@redhat.com>
Date: Thu, 3 Oct 2019 15:23:53 +0100
Subject: [PATCH] docs: Highlight the current broken state of SEV

This won't be resolved in time for Train GA, so add a release note
highlighting the problem until such a time as the release is fixed.

Change-Id: Iae30e12084640d1c0f072d2db18653111988929e
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
Related-Bug: #1845986
Stable-Only
---
 .../admin/configuration/hypervisor-kvm.rst    | 10 +++++++++
 .../notes/bug-1845986-95cbede0a296b088.yaml   | 21 +++++++++++++++++++
 2 files changed, 31 insertions(+)
 create mode 100644 releasenotes/notes/bug-1845986-95cbede0a296b088.yaml

diff --git a/doc/source/admin/configuration/hypervisor-kvm.rst b/doc/source/admin/configuration/hypervisor-kvm.rst
index b0bd8ecc5d39..2802ba84cb74 100644
--- a/doc/source/admin/configuration/hypervisor-kvm.rst
+++ b/doc/source/admin/configuration/hypervisor-kvm.rst
@@ -684,6 +684,16 @@ explained above.
 Impermanent limitations
 -----------------------
 
+The following image metadata options are incompatible with the feature due to
+`bug #1845986 <https://bugs.launchpad.net/nova/+bug/1845986>`__.
+
+- ``hw_scsi_model=virtio-scsi`` and either ``hw_disk_bus=scsi`` or
+  ``hw_cdrom_bus=scsi``
+- ``hw_video_model=virtio``
+- ``hw_qemu_guest_agent=yes``
+
+This limitation will be resolved in the future.
+
 The following limitations may be removed in the future as the
 hardware, firmware, and various layers of software receive new
 features:
diff --git a/releasenotes/notes/bug-1845986-95cbede0a296b088.yaml b/releasenotes/notes/bug-1845986-95cbede0a296b088.yaml
new file mode 100644
index 000000000000..cbb54cc1ac08
--- /dev/null
+++ b/releasenotes/notes/bug-1845986-95cbede0a296b088.yaml
@@ -0,0 +1,21 @@
+---
+issues:
+  - |
+    The support for guest RAM encryption using AMD SEV (Secure Encrypted
+    Virtualization) added in Train is incompatible with a number of image
+    metadata options:
+
+    - ``hw_scsi_model=virtio-scsi`` and either ``hw_disk_bus=scsi`` or
+      ``hw_cdrom_bus=scsi``
+    - ``hw_video_model=virtio``
+    - ``hw_qemu_guest_agent=yes``
+
+    When used together, the guest kernel can malfunction with repeated warnings
+    like::
+
+        NMI watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [system-udevd:272]
+
+    This will be resolved in a future patch release. For more information,
+    refer to `bug 1845986`__
+
+    __ https://bugs.launchpad.net/nova/+bug/1845986