For RHEL we would like apps to use FIPS-validated libraries, and
bigger picture, while I understand the original motivation behind
introducing GHMac, in practice the set of apps that link to GLib
and only need HMAC but not any other crypto services doesn't seemi
large enough to motivate its widespread usage.
Notably e.g. qemu links to glib but has an internal crypto abstraction (which does have GHMac as an option) but at least RHEL uses the libgcrypt backend there.
The set of apps using GHMac today isn't large, let's push them elsewhere.