Comment 29 for bug 1677398

Christian Ehrhardt  (paelzer) wrote :

FYI - dir-based pools already work if they are in a common and expected path, as seen in
/etc/apparmor.d/usr.lib.libvirt.virt-aa-helper

  @{HOME}/ r,
  @{HOME}/** r,
  /var/lib/libvirt/images/ r,
  /var/lib/libvirt/images/** r,
  # nova base images (LP: #907269)
  /var/lib/nova/images/** r,
  /var/lib/nova/instances/_base/** r,
  # nova snapshots (LP: #1244694)
  /var/lib/nova/instances/snapshots/** r,
  # nova base/snapshot files in snapped nova (LP: #1644507)
  /var/snap/nova-hypervisor/common/instances/_base/** r,
  /var/snap/nova-hypervisor/common/instances/snapshots/** r,
  # eucalyptus (LP: #564914)
  /var/lib/eucalyptus/instances/**/disk* r,
  # eucalyptus loader (LP: #637544)
  /var/lib/eucalyptus/instances/**/loader* r,
  # for uvtool
  /var/lib/uvtool/libvirt/images/** r,
  # for multipass
  /var/snap/multipass/common/data/multipassd/vault/instances/** r,
  /{media,mnt,opt,srv}/** r,
  # For virt-sandbox
  /{,var/}run/libvirt/**/[sv]d[a-z] r,

If you need to run out of a more uncommon path, you just need to add yours to
  /etc/apparmor.d/local/usr.lib.libvirt.virt-aa-helper
(more at https://ubuntu.com/server/docs/virtualization-libvirt)

That will allow virt-aa-helper to track these paths and add rules as needed.
This is already working for various common use cases such as uvtool or nova.

Nevertheless, I find it interesting to "see what happens" when calling into virDomainDiskTranslateSourcePool, so if you have some time please consider answering my questions above.
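The local-override step the comment above describes, written out as a small shell helper. This is an added example, not part of the bug comment and not libvirt's or Ubuntu's own tooling: it emits the same two read rules the quoted profile uses for known pool directories, appends them to the local override file idempotently, and reloads the profile with apparmor_parser. The function names, the pool path /srv/vmpool and the override-file argument are assumptions for illustration; the profile and override paths are the ones named in the comment.

```shell
# Added example (not from the bug comment or from libvirt): add read rules
# for a dir-based storage pool in an uncommon path to the virt-aa-helper
# local override, mirroring the form of the rules quoted in the comment.
# Function names and the sample pool path are assumptions for illustration.

OVERRIDE_DEFAULT=/etc/apparmor.d/local/usr.lib.libvirt.virt-aa-helper
PROFILE=/etc/apparmor.d/usr.lib.libvirt.virt-aa-helper

# Print the two rules virt-aa-helper needs to see the pool directory and
# everything beneath it. Read-only on purpose: the helper only inspects the
# images; the per-VM profile it generates is what grants rw on disk files.
pool_rules() {
    pool="$1"
    case "$pool" in
        /*) ;;
        *) echo "pool path must be absolute: $pool" >&2; return 1 ;;
    esac
    pool="${pool%/}"   # strip a trailing slash so we never emit '//'
    printf '%s/ r,\n%s/** r,\n' "$pool" "$pool"
}

# Append the rules to the local override unless they are already present,
# so re-running for the same pool does not duplicate lines.
add_pool_to_override() {
    pool="$1"
    override="${2:-$OVERRIDE_DEFAULT}"
    rules=$(pool_rules "$pool") || return 1
    touch "$override"
    if grep -qxF -- "${pool%/}/** r," "$override"; then
        return 0
    fi
    {
        printf '# local dir-based pool, added for libvirt\n'
        printf '%s\n' "$rules"
    } >> "$override"
}

# Reload the profile so the new rules take effect (needs root). The shipped
# profile includes the local file, which is why editing it is sufficient.
reload_profile() {
    apparmor_parser -r "$PROFILE"
}

# usage: add_pool_to_override /srv/vmpool && reload_profile
```

After reloading, define or start the pool as usual; if virt-aa-helper still cannot see the images, check the override file for the exact directory spelling (trailing slashes and symlinked paths are the usual culprits) and re-run the reload.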