lib: qemu: Don't use -enable-fips option.

QEMU has deprecated this option:

    commit 166310299a1e7824bbff17e1f016659d18b4a559
    Author: Daniel P. Berrangé
    Date:   Tue Oct 20 17:08:27 2020 +0100

    os: deprecate the -enable-fips option and QEMU's FIPS enforcement

    The -enable-fips option was added a long time ago to prevent the use of
    single DES when VNC when FIPS mode is enabled. It should never have been
    added, because apps are supposed to unconditionally honour FIPS mode
    based on the '/proc/sys/crypto/fips_enabled' file contents.

    In addition there is more to achieving FIPS compliance than merely
    blocking use of certain algorithms. Those algorithms which are used
    need to perform self-tests at runtime.

    QEMU's built-in cryptography provider has no support for self-tests,
    and neither does the nettle library.

    If QEMU is required to be used in a FIPS enabled host, then it must be
    built with the libgcrypt library enabled, which will unconditionally
    enforce FIPS compliance in any algorithm usage.

    Thus there is no need to keep either the -enable-fips option in QEMU, or
    QEMU's internal FIPS checking methods.

lib/launch-direct.c

@@ -514,13 +514,6 @@ launch_direct (guestfs_h *g, void *datav, const char *arg)
   if (guestfs_int_qemu_supports (g, data->qemu_data, "-no-user-config"))
     flag ("-no-user-config");
 
-  /* This oddly named option doesn't actually enable FIPS.  It just
-   * causes qemu to do the right thing if FIPS is enabled in the
-   * kernel.  So like libvirt, we pass it unconditionally.
-   */
-  if (guestfs_int_qemu_supports (g, data->qemu_data, "-enable-fips"))
-    flag ("-enable-fips");
-
   /* Newer versions of qemu (from around 2009/12) changed the
    * behaviour of monitors so that an implicit '-monitor stdio' is
    * assumed if we are in -nographic mode and there is no other