Comment 0 for bug 1817943

Based on 1815452, specifically the PPA from in Comment #17.

First, trying gives me these apparmor denied entries (complete log in default_PPA_denies.log):
Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0
Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.289:191): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0
Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/proc/modules" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0
Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/bus/pci/devices/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0
Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.429:192): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/proc/modules" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0
Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.429:193): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/bus/pci/devices/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0
Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/usr/share/egl/egl_external_platform.d/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0
Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0
Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.509:194): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/usr/share/egl/egl_external_platform.d/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0
Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.509:195): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0

Worked around them (or so I think) by adding to local/abstractions/libvirt-qemu:
  /proc/modules r,
  /proc/driver/nvidia/ r,
  /proc/driver/nvidia/** r,
  /usr/share/egl/ r,
  /usr/share/egl/** r,
  /sys/devices/** r,
  /sys/devices/ r,
  /dev/nvidiactl rw,

This doesn't give anymore AppArmor denials, but does result in (full log in my_attempted_workaround.log):
Feb 27 09:40:16 desktop libvirtd[1468]: Unable to read from monitor: Connection reset by peer
Feb 27 09:40:16 desktop libvirtd[1468]: internal error: qemu unexpectedly closed the monitor: qemu-system-x86_64: ../src/gallium/drivers/llvmpipe/lp_texture.c:499: llvmpipe_resource_get_handle: Assertion `lpr->dt' failed.

Other relevant bits:
I'm using the nvidia 415 driver from the graphics-driver ppa.