diff -Nru libvirt-1.3.1/debian/changelog libvirt-1.3.1/debian/changelog
--- libvirt-1.3.1/debian/changelog	2016-04-07 15:05:54.000000000 +0000
+++ libvirt-1.3.1/debian/changelog	2016-04-15 06:17:00.000000000 +0000
@@ -1,3 +1,11 @@
+libvirt (1.3.1-1ubuntu10) xenial; urgency=medium
+
+  * d/p/u/virt-aa-helper-apparmor-allow-usr-share-AAVMF-too.patch: Allow
+    access to /usr/share/AAVMF/** and /usr/share/qemu-efi/** for aarch64 UEFI.
+    (LP: #1538882)
+
+ -- William Grant <wgrant@ubuntu.com>  Fri, 15 Apr 2016 12:08:21 +1000
+
 libvirt (1.3.1-1ubuntu9) xenial; urgency=medium
 
   * Remove the tasks limit on libvirt-bin service (LP: #1567381)
diff -Nru libvirt-1.3.1/debian/patches/series libvirt-1.3.1/debian/patches/series
--- libvirt-1.3.1/debian/patches/series	2016-04-07 15:02:15.000000000 +0000
+++ libvirt-1.3.1/debian/patches/series	2016-04-15 06:14:55.000000000 +0000
@@ -53,3 +53,4 @@
 ubuntu/virt-aa-helper-helpfix.patch
 ubuntu/virt-aa-helper-add-guest-agent-rule.patch
 libvirt-bin-service-nolimit.patch
+ubuntu/virt-aa-helper-apparmor-allow-usr-share-AAVMF-too.patch
diff -Nru libvirt-1.3.1/debian/patches/ubuntu/virt-aa-helper-apparmor-allow-usr-share-AAVMF-too.patch libvirt-1.3.1/debian/patches/ubuntu/virt-aa-helper-apparmor-allow-usr-share-AAVMF-too.patch
--- libvirt-1.3.1/debian/patches/ubuntu/virt-aa-helper-apparmor-allow-usr-share-AAVMF-too.patch	1970-01-01 00:00:00.000000000 +0000
+++ libvirt-1.3.1/debian/patches/ubuntu/virt-aa-helper-apparmor-allow-usr-share-AAVMF-too.patch	2016-04-15 06:16:41.000000000 +0000
@@ -0,0 +1,31 @@
+Description: virt-aa-helper: Allow access to aarch64 UEFI images.
+Author: William Grant <wgrant@ubuntu.com>
+
+Index: libvirt-1.3.1/examples/apparmor/libvirt-qemu
+===================================================================
+--- libvirt-1.3.1.orig/examples/apparmor/libvirt-qemu
++++ libvirt-1.3.1/examples/apparmor/libvirt-qemu
+@@ -68,6 +68,8 @@
+   /usr/share/seabios/** r,
+   /usr/share/ovmf/** r,
+   /usr/share/OVMF/** r,
++  /usr/share/AAVMF/** r,
++  /usr/share/qemu-efi/** r,
+ 
+   # access PKI infrastructure
+   /etc/pki/libvirt-vnc/** r,
+Index: libvirt-1.3.1/src/security/virt-aa-helper.c
+===================================================================
+--- libvirt-1.3.1.orig/src/security/virt-aa-helper.c
++++ libvirt-1.3.1/src/security/virt-aa-helper.c
+@@ -571,7 +571,9 @@ valid_path(const char *path, const bool
+         "/initrd",
+         "/initrd.img",
+         "/usr/share/OVMF/",              /* for OVMF images */
+-        "/usr/share/ovmf/"               /* for OVMF images */
++        "/usr/share/ovmf/",              /* for OVMF images */
++        "/usr/share/AAVMF/",             /* for AAVMF images */
++        "/usr/share/qemu-efi/"           /* for AAVMF images */
+     };
+     /* override the above with these */
+     const char * const override[] = {