Re: [libvirt] [PATCH] qemu: always ask for -enable-fips

QEMU already detects current FIPs enablement via the file /proc/sys/crypto/fips_enabled, but only if you use --enable-fips. This is really stupid given that all the crypto libraries that QEMU uses unconditonally look at the proc file. So by having this flag QEMU is in the insane situation where if FIPS is enabled then part of QEMU will honour FIPS settings but other parts of QEMU will not honour it until you pass --enable-fips. Insanity. So having libvirt pass --enable-fips unconditionally fixes this insanity as much as possible. Better yet if QEMU were to just remove the pointless --enable-fips arg and just respect the fips_enabled sysctl flag by default.