I rebased the patch on current master.

Additional changes: I added a missing TEMP_FAILURE_RETRY to the 
/dev/urandom-based reseeding.  I changed the x86 hardware implementation 
not to us a separate flag variable, so this implementation doesn't need 
any CPU-specific state after all.

Thanks,
Florian