Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Wired 802.1x phone and PC

  • 1.  Wired 802.1x phone and PC

    Posted Sep 13, 2016 10:13 AM

    Hello everyone,

    I'll be deploying wired 802.1X with HP switches and ClearPass, and I was just wondering what the high-level process is for configuring a port for 802.1X auth when there is a phone (which supports it) and a wired PC connected to the phone as well?

    Since it's 2 different VLANs and different QoS, etc., I'm not sure how to go about this?

    Thank you !



  • 2.  RE: Wired 802.1x phone and PC
    Best Answer

    EMPLOYEE
    Posted Sep 19, 2016 11:50 AM

    So this can be a tough question, as you have different possibilities and it depends on the type of the switch. HP switches come with ArubaOS (or its predecessor Provision OS) and both operate slightly differently.

    Then you have the PC-behind-phone part, where the phone acts more or less like a switch: it strips its own data and is transparent to the device behind the phone. The phone typically gets the voice traffic tagged in a voice VLAN (and you use LLDP, DHCP or a manual setting to provide the phone with its voice VLAN ID), but getting it untagged works as well in most cases.


    One of the nice features of running 802.1X (and MAC auth) is that you can, depending on the setting, have multiple devices on the same port (or even a hub/dumb switch behind that with multiple devices) and let the switch authenticate each device individually and even place them in different VLANs.


    I've done this multiple times, and in most cases it just works. If you have your QoS on the VLAN, you should not really care if the traffic is tagged or untagged.


    Many switches have options on how to authenticate. One old-school example is that the first MAC authenticates the port and after that all traffic is allowed on that port; in ArubaOS switches that is called 'port-mode'. Then some switches have a variant where you authenticate one device on the untagged VLAN and one on the tagged voice VLAN, and the most advanced is where you authenticate each device individually, which is called user-mode in Aruba switches (and the default setting).


    To get started with ArubaOS switches, please check Aruba Solution Exchange (https://ase.arubanetworks.com/solutions/id/133) and if you really want to have a tagged voice VLAN that is announced via LLDP, check this place: http://networktasks.co.uk/environments/hp/provision/802-1x-port-authentication


    If you have more specific questions, send another post on Airheads or speak with Technical support if you can't get the configuration done.
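
    The following ArubaOS-Switch (ProVision) CLI fragment is an added example, not part of the original post and not a configuration published by HPE. It puts the two authentication modes described in the answer side by side for ports 1-24, with data VLAN 10 untagged, voice VLAN 20 tagged and ClearPass acting as the RADIUS server. The IP address, VLAN IDs, port range and shared secret are assumed placeholders, the lines starting with `;` are comments for the reader, and the exact syntax should be verified against the release running on your switch.

```text
; Added example (not from the original thread). Placeholder values:
; ClearPass/RADIUS at 10.0.0.10, data VLAN 10, voice VLAN 20,
; quarantine VLAN 99, phone+PC ports 1-24.
radius-server host 10.0.0.10 key "replace-me" dyn-authorization
aaa authentication port-access eap-radius
aaa authentication mac-based chap-radius

vlan 10
   name "data"
   untagged 1-24
   exit
vlan 20
   name "voice"
   voice
   tagged 1-24
   exit
vlan 99
   name "quarantine"
   exit

; Weak setting ("port-mode"): the first supplicant that authenticates opens
; the port for every MAC behind it, so the PC on the phone's pass-through
; port rides on the phone's authentication and is never checked itself.
; aaa port-access authenticator 1-24

; Preferred setting ("user-mode"): an explicit client-limit makes the switch
; authenticate each MAC on the port separately, so the phone and the PC each
; get their own session and their own RADIUS-assigned VLAN. A limit of 2
; covers exactly phone + PC; raise it only if a hub is expected behind it.
aaa port-access authenticator 1-24 client-limit 2
aaa port-access mac-based 1-24 addr-limit 2
aaa port-access authenticator 1-24 unauth-vid 99
aaa port-access authenticator active
```

With this in place the phone learns VLAN 20 from LLDP-MED because the VLAN is flagged `voice` and tagged on the port, while the PC's enforcement profile in ClearPass only needs to return the standard Tunnel-Type=VLAN, Tunnel-Medium-Type=IEEE-802 and Tunnel-Private-Group-Id=10 attributes to land it untagged in the data VLAN. MAC authentication is configured as a fallback for devices without a supplicant, and `unauth-vid` is optional: leave it out if a failed client should get no access at all rather than a quarantine VLAN.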



  • 3.  RE: Wired 802.1x phone and PC

    Posted Sep 19, 2016 12:02 PM

    Thanks a lot for taking the time to reply, I appreciate it. Gotcha, that definitely answers the questions I had.



  • 4.  RE: Wired 802.1x phone and PC

    Posted Jan 25, 2018 03:37 PM

    @Herman Robers wrote:



    "One of the nice features of running 802.1X (and MAC auth) is that you can, depending on the setting have multiple devices on the same port (or even a hub/dumb switch behind that with multiple devices) and let the switch authenticate each device individually and even place them in different VLANs."


    Hi Herman, I am about to get involved in setting up wired 802.1X on HPE 3800 switches and have a requirement for exactly this type of scenario: a VoIP phone with a laptop connected to its pass-through port.


    Would you be able to share an example of both CPPM (Profiles, Policies, Services) and switch configurations for this specific scenario? Thanks in advance.



    Kind regards,

    NesaM