diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b49101c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+/jitterentropy-library-3.3.1.tar.gz
+/rng-tools-6.14.tar.gz
diff --git a/1-je-rh-makefile.patch b/1-je-rh-makefile.patch
new file mode 100644
index 0000000..7560779
--- /dev/null
+++ b/1-je-rh-makefile.patch
@@ -0,0 +1,56 @@ +diff -up ./jitterentropy-library/Makefile.orig ./jitterentropy-library/Makefile +--- ./jitterentropy-library/Makefile 2021-07-13 17:23:42.954652287 +0200 ++++ ./jitterentropy-library/Makefile 2021-07-13 17:27:27.958549833 +0200 +@@ -3,7 +3,7 @@ + CC ?= gcc + #Hardening + CFLAGS ?= -fwrapv --param ssp-buffer-size=4 -fvisibility=hidden -fPIE -Wcast-align -Wmissing-field-initializers -Wshadow -Wswitch-enum +-CFLAGS +=-Wextra -Wall -pedantic -fPIC -O0 -fwrapv -Wconversion ++CFLAGS +=-Wp,-U_FORTIFY_SOURCE -Wextra -Wall -pedantic -fPIC -O0 -fwrapv -Wconversion + LDFLAGS +=-Wl,-z,relro,-z,now -lpthread + + GCCVERSIONFORMAT := $(shell echo `$(CC) -dumpversion | sed 's/\./\n/g' | wc -l`) +@@ -28,7 +28,7 @@ LIBDIR := lib + INCDIR := include + SRCDIR := src + +-INSTALL_STRIP ?= install -s ++INSTALL ?= install + + NAME := jitterentropy + LIBMAJOR=$(shell cat $(SRCDIR)/jitterentropy-base.c | grep define | grep MAJVERSION | awk '{print $$3}') +@@ -73,25 +73,25 @@ cppcheck: + install: install-man install-shared install-includes + + install-man: +- install -d -m 0755 $(DESTDIR)$(PREFIX)/share/man/man3 +- install -m 644 doc/$(NAME).3 $(DESTDIR)$(PREFIX)/share/man/man3/ ++ $(INSTALL) -d -m 0755 $(DESTDIR)$(PREFIX)/share/man/man3 ++ $(INSTALL) -m 644 doc/$(NAME).3 $(DESTDIR)$(PREFIX)/share/man/man3/ + gzip -n -f -9 $(DESTDIR)$(PREFIX)/share/man/man3/$(NAME).3 + + install-shared: +- install -d -m 0755 $(DESTDIR)$(PREFIX)/$(LIBDIR) +- $(INSTALL_STRIP) -m 0755 lib$(NAME).so.$(LIBVERSION) $(DESTDIR)$(PREFIX)/$(LIBDIR)/ ++ $(INSTALL) -d -m 0755 $(DESTDIR)$(PREFIX)/$(LIBDIR) ++ $(INSTALL) -m 0755 lib$(NAME).so.$(LIBVERSION) $(DESTDIR)$(PREFIX)/$(LIBDIR)/ + $(RM) $(DESTDIR)$(PREFIX)/$(LIBDIR)/lib$(NAME).so.$(LIBMAJOR) + ln -sf lib$(NAME).so.$(LIBVERSION) $(DESTDIR)$(PREFIX)/$(LIBDIR)/lib$(NAME).so.$(LIBMAJOR) + ln -sf lib$(NAME).so.$(LIBMAJOR) $(DESTDIR)$(PREFIX)/$(LIBDIR)/lib$(NAME).so + + install-includes: +- install -d -m 0755 $(DESTDIR)$(PREFIX)/$(INCDIR) +- install -m 
0644 jitterentropy.h $(DESTDIR)$(PREFIX)/$(INCDIR)/ +- install -m 0644 jitterentropy-base-user.h $(DESTDIR)$(PREFIX)/$(INCDIR)/ ++ $(INSTALL) -d -m 0755 $(DESTDIR)$(PREFIX)/$(INCDIR) ++ $(INSTALL) -m 0644 jitterentropy.h $(DESTDIR)$(PREFIX)/$(INCDIR)/ ++ $(INSTALL) -m 0644 jitterentropy-base-user.h $(DESTDIR)$(PREFIX)/$(INCDIR)/ + + install-static: +- install -d -m 0755 $(DESTDIR)$(PREFIX)/$(LIBDIR) +- install -m 0755 lib$(NAME).a $(DESTDIR)$(PREFIX)/$(LIBDIR)/ ++ $(INSTALL) -d -m 0755 $(DESTDIR)$(PREFIX)/$(LIBDIR) ++ $(INSTALL) -m 0755 lib$(NAME).a $(DESTDIR)$(PREFIX)/$(LIBDIR)/ + + clean: + @- $(RM) $(NAME) diff --git a/2-je-remove-install.patch b/2-je-remove-install.patch new file mode 100644 index 0000000..9f280b4 --- /dev/null +++ b/2-je-remove-install.patch 
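Review bot: The added `-Wp,-U_FORTIFY_SOURCE` on the `CFLAGS +=` line switches off glibc fortification for every jitterentropy object that ends up in rngd, and nothing in the patch records why, even though the spec asks for `_hardened_build 1`. Presumably it is there because the library is built with `-O0` and `_FORTIFY_SOURCE` needs optimisation; a comment above the line such as `# -O0 is required by the jitter noise source; _FORTIFY_SOURCE needs optimisation, so undefine it explicitly` would stop a later reader from treating it as an accidental hardening regression. The `INSTALL_STRIP` to `INSTALL` change has the same gap (presumably made so debuginfo extraction sees unstripped binaries). A short header at the top of the patch file stating both reasons would cover it.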
@@ -0,0 +1,33 @@ +diff -up ./jitterentropy-library/Makefile.orig ./jitterentropy-library/Makefile +--- ./jitterentropy-library/Makefile 2021-07-13 17:23:42.954652287 +0200 ++++ ./jitterentropy-library/Makefile 2021-07-13 17:27:27.958549833 +0200 +@@ -70,29 +70,6 @@ scan: $(analyze_plists) + cppcheck: + cppcheck --force -q --enable=performance --enable=warning --enable=portability *.h *.c + +-install: install-man install-shared install-includes +- +-install-man: +- $(INSTALL) -d -m 0755 $(DESTDIR)$(PREFIX)/share/man/man3 +- $(INSTALL) -m 644 doc/$(NAME).3 $(DESTDIR)$(PREFIX)/share/man/man3/ +- gzip -n -f -9 $(DESTDIR)$(PREFIX)/share/man/man3/$(NAME).3 +- +-install-shared: +- $(INSTALL) -d -m 0755 $(DESTDIR)$(PREFIX)/$(LIBDIR) +- $(INSTALL) -m 0755 lib$(NAME).so.$(LIBVERSION) $(DESTDIR)$(PREFIX)/$(LIBDIR)/ +- $(RM) $(DESTDIR)$(PREFIX)/$(LIBDIR)/lib$(NAME).so.$(LIBMAJOR) +- ln -sf lib$(NAME).so.$(LIBVERSION) $(DESTDIR)$(PREFIX)/$(LIBDIR)/lib$(NAME).so.$(LIBMAJOR) +- ln -sf lib$(NAME).so.$(LIBMAJOR) $(DESTDIR)$(PREFIX)/$(LIBDIR)/lib$(NAME).so +- +-install-includes: +- $(INSTALL) -d -m 0755 $(DESTDIR)$(PREFIX)/$(INCDIR) +- $(INSTALL) -m 0644 jitterentropy.h $(DESTDIR)$(PREFIX)/$(INCDIR)/ +- $(INSTALL) -m 0644 jitterentropy-base-user.h $(DESTDIR)$(PREFIX)/$(INCDIR)/ +- +-install-static: +- $(INSTALL) -d -m 0755 $(DESTDIR)$(PREFIX)/$(LIBDIR) +- $(INSTALL) -m 0755 lib$(NAME).a $(DESTDIR)$(PREFIX)/$(LIBDIR)/ +- + clean: + @- $(RM) $(NAME) + @- $(RM) $(OBJS) diff --git a/3-rt-use-jitter-static.patch b/3-rt-use-jitter-static.patch new file mode 100644 index 0000000..7fa6ed4 --- /dev/null +++ b/3-rt-use-jitter-static.patch 
@@ -0,0 +1,54 @@ +diff -up ./Makefile.am.orig ./Makefile.am +--- ./Makefile.am 2021-07-03 22:22:27.000000000 +0200 ++++ ./Makefile.am 2021-08-06 12:18:48.498612099 +0200 +@@ -1,7 +1,7 @@ + ## + ## Toplevel Makefile.am for rng-tools + ## +-SUBDIRS = contrib tests ++SUBDIRS = contrib tests jitterentropy-library + + sbin_PROGRAMS = rngd + bin_PROGRAMS = rngtest +@@ -14,7 +14,7 @@ rngd_SOURCES = rngd.h rngd.c rngd_entsou + if NISTBEACON + rngd_SOURCES += rngd_nistbeacon.c + endif +- ++ + if RDRAND + rngd_SOURCES += rngd_rdrand.c rdrand_asm.S + endif +@@ -27,29 +27,16 @@ if RNDR + rngd_SOURCES += rngd_rndr.c + endif + +-if JITTER + rngd_SOURCES += rngd_jitter.c +-endif +- +-if RTLSDR +-rngd_SOURCES += rngd_rtlsdr.c +-endif + +-rngd_LDADD = librngd.a $(LIBS) $(librtlsdr_LIBS) ${libp11_LIBS} ${libcrypto_LIBS} ${jansson_LIBS} ${libcurl_LIBS} ${libxml2_LIBS} ${openssl_LIBS} $(PTHREAD_LIBS) ++rngd_LDADD = librngd.a $(LIBS) jitterentropy-library/libjitterentropy.a ${libcrypto_LIBS} ${jansson_LIBS} ${libcurl_LIBS} ${libxml2_LIBS} ${openssl_LIBS} $(PTHREAD_LIBS) + +-if PKCS11 +-rngd_SOURCES += rngd_pkcs11.c +-pkcs11_ENGINE = -DDEFAULT_PKCS11_ENGINE=\"$(PKCS11_ENGINE)\" +-endif +- +-rngd_CFLAGS = ${pkcs11_CFLAGS} $(librtlsdr_CFLAGS) ${pkcs11_ENGINE} ${libp11_CFLAGS} ${libcrypto_CFLAGS} ${libxml2_CFLAGS} ${openssl_CFLAGS} $(PTHREAD_CFLAGS) +-rngd_LDFLAGS = $(PTHREAD_CFLAGS) ++rngd_CFLAGS = ${libcrypto_CFLAGS} ${libxml2_CFLAGS} ${openssl_CFLAGS} $(PTHREAD_CFLAGS) -DHAVE_JITTER -I./jitterentropy-library/ ++rngd_LDFLAGS = $(PTHREAD_CFLAGS) + + rngtest_SOURCES = exits.h stats.h stats.c rngtest.c + rngtest_LDADD = librngd.a + + librngd_a_SOURCES = fips.h fips.c + +- + EXTRA_DIST = autogen.sh +- diff --git a/4-rt-revert-build-randstat.patch b/4-rt-revert-build-randstat.patch new file mode 100644 index 0000000..c784c64 --- /dev/null +++ b/4-rt-revert-build-randstat.patch 
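Review bot: `-DHAVE_JITTER -I./jitterentropy-library/` are preprocessor options, but the new `rngd_CFLAGS` line carries them as compiler flags and resolves the include path against the current build directory. `rngd_CPPFLAGS = -DHAVE_JITTER -I$(top_srcdir)/jitterentropy-library` would be the automake-conventional spelling (if the file defines `AM_CPPFLAGS` elsewhere, it has to be carried along). Separately, the patch deletes the `if JITTER`, `if RTLSDR` and `if PKCS11` blocks outright, so the matching configure switches presumably no longer change what is compiled. A header in the patch file saying this is deliberate for the static, bundled build would help whoever rebases it.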
@@ -0,0 +1,47 @@ +From de2ee0d8b7e8ad2915165ef941a6ec37442a2fdc Mon Sep 17 00:00:00 2001 +From: Vladis Dronov +Date: Tue, 6 Jul 2021 14:36:46 +0200 +Subject: [PATCH] Revert "Build randstat binary" + +We do not want new and mostly useless randstat binary. +This reverts commit 2ce93190cb0111fcab2f622a539689d70960643a. + +Signed-off-by: Vladis Dronov +--- + .gitignore | 3 +-- + contrib/Makefile.am | 5 +++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git .gitignore .gitignore +index 943fa2b..5dc334d 100644 +--- .gitignore ++++ .gitignore +@@ -1,6 +1,6 @@ + *.a + *.o +-.deps/ ++/.deps/ + /aclocal.m4 + /ar-lib + /autom4te.cache/ +@@ -10,7 +10,6 @@ + /config.status + /config.sub + /configure +-/contrib/randstat + /depcomp + /install-sh + /missing +diff --git contrib/Makefile.am contrib/Makefile.am +index a81fb0e..18c4fbc 100644 +--- contrib/Makefile.am ++++ contrib/Makefile.am +@@ -1,2 +1,3 @@ +-bin_PROGRAMS = randstat +-randstat_SOURCES = randstat.c ++ ++EXTRA_DIST = randstat.c ++ +-- +2.26.3 + diff --git a/5-rt-comment-out-have-aesni.patch b/5-rt-comment-out-have-aesni.patch new file mode 100644 index 0000000..8661e6e --- /dev/null +++ b/5-rt-comment-out-have-aesni.patch 
@@ -0,0 +1,42 @@ +From 86a66ed41390fa5f98aade60a55376269fd163b0 Mon Sep 17 00:00:00 2001 +From: Vladis Dronov +Date: Fri, 17 Sep 2021 01:04:51 +0200 +Subject: [PATCH] Comment out an unused assignment + +Covscan warns about an unused value. Comment it out. + +Defect type: UNUSED_VALUE: covscan warning: +rng-tools-6.13/rngd_rdrand.c:260: assigned_value: Assigning value +from "!!(info.ecx & 0x2000000U)" to "have_aesni" here, but that +stored value is overwritten before it can be used. + +Signed-off-by: Vladis Dronov +--- + rngd_rdrand.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git rngd_rdrand.c rngd_rdrand.c +index caa9d05..ea7b8fa 100644 +--- rngd_rdrand.c ++++ rngd_rdrand.c +@@ -239,7 +239,7 @@ int init_drng_entropy_source(struct rng *ent_src) + struct cpuid info; + /* We need RDRAND, but AESni is optional */ + const uint32_t features_ecx1_rdrand = 1 << 30; +- const uint32_t features_ecx1_aesni = 1 << 25; ++ //const uint32_t features_ecx1_aesni = 1 << 25; + const uint32_t features_ebx7_rdseed = 1 << 18; + uint32_t max_cpuid_leaf; + unsigned char xkey[AES_BLOCK]; /* Material to XOR into the key */ +@@ -257,7 +257,7 @@ int init_drng_entropy_source(struct rng *ent_src) + if (!(info.ecx & features_ecx1_rdrand)) + return 1; + +- have_aesni = !!(info.ecx & features_ecx1_aesni); ++ //have_aesni = !!(info.ecx & features_ecx1_aesni); + have_aesni = 0; /* BACK OUT NH */ + have_rdseed = 0; + if (max_cpuid_leaf >= 7) { +-- +2.26.3 + diff --git a/6-je-fix-ec-check.patch b/6-je-fix-ec-check.patch new file mode 100644 index 0000000..16dedd9 --- /dev/null +++ b/6-je-fix-ec-check.patch 
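Review bot: Both changed lines keep the old statement behind a `//` comment, so init_drng_entropy_source() now holds dead code whose reason lives only in the patch description. Since the following line already forces `have_aesni = 0; /* BACK OUT NH */`, deleting the `features_ecx1_aesni` constant and the first assignment outright would silence the covscan warning just as well. The comment `/* We need RDRAND, but AESni is optional */` could then read `/* We need RDRAND; AES-NI use is currently backed out */`. The function starts and ends outside both inner hunks.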
@@ -0,0 +1,20 @@ +diff -up jitterentropy-library/src/jitterentropy-noise.c.orig jitterentropy-library/src/jitterentropy-noise.c +--- jitterentropy-library/src/jitterentropy-noise.c 2021-11-23 15:42:47.809329173 +0100 ++++ jitterentropy-library/src/jitterentropy-noise.c 2021-11-23 15:44:19.820499338 +0100 +@@ -188,7 +188,7 @@ static void jent_memaccess(struct rand_data *ec, uint64_t loop_cnt) + uint32_t u[4]; + uint8_t b[sizeof(uint32_t) * 4]; + } prngState = { .u = {0x8e93eec0, 0xce65608a, 0xa8d46b46, 0xe83cef69} }; +- uint32_t addressMask = ec->memmask; ++ uint32_t addressMask; + + /* Ensure that macros cannot overflow jent_loop_shuffle() */ + BUILD_BUG_ON((MAX_ACC_LOOP_BIT + MIN_ACC_LOOP_BIT) > 63); +@@ -197,6 +197,7 @@ static void jent_memaccess(struct rand_data *ec, uint64_t loop_cnt) + + if (NULL == ec || NULL == ec->mem) + return; ++ addressMask = ec->memmask; + + /* + * Mix the current data into prngState diff --git a/60-hwrng.rules b/60-hwrng.rules new file mode 100644 index 0000000..dfb7cae --- /dev/null +++ b/60-hwrng.rules @@ -0,0 +1 @@ +SUBSYSTEM=="misc", KERNEL=="hw_random", GROUP="rngd", MODE="0640" diff --git a/EMPTY b/EMPTY deleted file mode 100644 index 0519ecb..0000000 --- a/EMPTY +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/rng-tools.spec b/rng-tools.spec new file mode 100644 index 0000000..402a3ac --- /dev/null +++ b/rng-tools.spec 
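Review bot: The patch file has no header, so nothing records where this fix comes from, while the spec changelog describes it as a security issue found by covscan. A few lines above the `diff -up` line naming the defect (`ec->memmask` was read in the initializer before the `NULL == ec` check in jent_memaccess()) and the upstream status of the fix would make it possible to drop the patch with confidence when the bundled library is updated. jent_memaccess() continues past the end of the inner hunk.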
@@ -0,0 +1,236 @@ +%global _hardened_build 1 + +Summary: Random number generator related utilities +Name: rng-tools +Version: 6.14 +Release: 4.git.b2b7934e%{?dist} +Group: System Environment/Base +License: GPLv2+ +URL: https://github.com/nhorman/rng-tools +Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz +Source1: rngd.service +Source2: rngd-wake-threshold.service +Source3: 60-hwrng.rules +Source4: jitterentropy-library-3.3.1.tar.gz +Source5: rngd.sysconfig + +Patch0: 1-je-rh-makefile.patch +Patch1: 2-je-remove-install.patch +Patch2: 3-rt-use-jitter-static.patch +Patch3: 4-rt-revert-build-randstat.patch +Patch4: 5-rt-comment-out-have-aesni.patch +Patch5: 6-je-fix-ec-check.patch + +BuildRequires: gcc make +BuildRequires: gettext +#BuildRequires: systemd-units +BuildRequires: systemd systemd-rpm-macros +BuildRequires: autoconf automake +BuildRequires: libgcrypt-devel libcurl-devel +BuildRequires: libsysfs-devel jansson-devel +BuildRequires: libxml2-devel openssl-devel +#Requires(post): systemd-units +#Requires(preun): systemd-units +#Requires(postun): systemd-units +Requires(post): systemd +Requires(preun): systemd +Requires(postun): systemd +Requires: jansson openssl + +%description +This is a random number generator daemon and its tools. It monitors +a set of entropy sources present on a system (like /dev/hwrng, RDRAND, +TPM, jitter) and supplies entropy from them to a kernel entropy pool. 
+ +%prep +%setup -q +tar xf %{SOURCE4} +mv jitterentropy-library-3.3.1 jitterentropy-library +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p0 +%patch4 -p0 +%patch5 -p0 + +%build +./autogen.sh +%configure --without-pkcs11 --without-rtlsdr +%make_build + +%install +%make_install + +# install systemd unit file and udev rules +install -Dt %{buildroot}%{_unitdir} -m0644 %{SOURCE1} +install -Dt %{buildroot}%{_unitdir} -m0644 %{SOURCE2} +install -Dt %{buildroot}%{_udevrulesdir} -m0644 %{SOURCE3} +# install sysconfig file +install -D %{SOURCE5} -m0644 %{buildroot}%{_sysconfdir}/sysconfig/rngd + +%pre +getent passwd rngd >/dev/null || useradd -r -M -d %{_localstatedir}/lib/rngd -s /sbin/nologin -c "Random Number Generator Daemon" rngd + +%post +%systemd_post rngd.service rngd-wake-threshold.service +/usr/bin/systemctl start rngd-wake-threshold.service || : + +%preun +%systemd_preun rngd.service rngd-wake-threshold.service + +%postun +%systemd_postun_with_restart rngd.service rngd-wake-threshold.service + +%files +%{!?_licensedir:%global license %%doc} +%license COPYING +%doc AUTHORS README +%{_bindir}/rngtest +%{_sbindir}/rngd +%{_mandir}/man1/rngtest.1.* +%{_mandir}/man8/rngd.8.* +%attr(0644,root,root) %{_unitdir}/rngd.service +%attr(0644,root,root) %{_unitdir}/rngd-wake-threshold.service +%attr(0644,root,root) %{_udevrulesdir}/60-hwrng.rules +%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/rngd + +%changelog +* Mon Nov 22 2021 Vladis Dronov - 6.14-4.git.b2b7934e +- Update rng-tools to v6.14 @ b2b7934e (bz 2015570) +- Update jitterentropy library to v3.3.1 @ 887c9871 +- Add a config file for storing rngd options +- Fix a security issue found by a covscan in jitterentropy library + +* Thu Jul 22 2021 Vladis Dronov - 6.13-1.git.d207e0b6 +- Update to the upstream v6.13 + tip of origin/master + onecpu + branch + revert of 2ce93190 +- Rebuild rng-tools against the latest jitterentropy library + 3.0.2-2.git.409828cf with fixes for an important issue +- Fix a 
number of issues (bz 1974103, bz 1980421, bz 1859154) + +* Mon Jul 05 2021 Vladis Dronov - 6.8-6 +- Adjust rngd-wake-threshold.service and post section so udevadm is not + run in a container (bz 1975554) + +* Thu May 27 2021 Vladis Dronov - 6.8-5 +- Fix /dev/hwrng permissions issue at boot time (bz 1955522) + +* Mon May 24 2021 Vladis Dronov - 6.8-4 +- There is no need to hardcode _sbindir anymore, also the old value is + incorrect +- Update the rngd.service file +- Fix a busyloop bug (bz 1956248) +- Fix /dev/hwrng permission issue (bz 1955522) + +* Tue Feb 18 2020 Neil Horman - 6.8-3 +- Fix coarse clock time on Azure (bz 180155) + +* Mon Dec 02 2019 Neil Horman - 6.8-2 +- Fix erroneous message due to bad errno check (bz 1776710) +- Enable addition of 0 value for fill-watermark (bz 1776710) + +* Fri Nov 15 2019 Neil Horman - 6.8-1 +- Update to latest upstream (bz 1769916) + +* Wed Oct 09 2019 Neil Horman 6.6-5 +- Fix group typo in rngd.service (bz 1751810) + +* Fri Oct 04 2019 Neil Horman 6.6-4 +- Revision bump to rebuild for new CI runs + +* Mon Mar 25 2019 Neil Horman 6.2-3 +- Allow rngd to run as non-privledged user (bz 1692435) + +* Mon Dec 17 2018 Neil Horman 6.2-2 +- default to 1 thread on cpu 0 if getaffinty returns error (bz 1658855) + +* Thu May 17 2018 Neil Horman 6.2-1 +- Update to latest upstream +- Add CI self tests + +* Thu Feb 15 2018 Adam Williamson - 6.1-4 +- Drop all attempts to 'fix' #1490632, revert spec to same as 6.1-1 + +* Fri Feb 09 2018 Fedora Release Engineering - 6.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Nov 02 2017 Neil Horman - 6.1-2 +- Enable rngd on entropy src availability (bz 1490632) + +* Tue Oct 10 2017 Neil Horman - 6.1-1 +- update to latest upstream + +* Fri Jul 28 2017 Neil Horman - 6-1 +- Update to latest upstream + +* Thu Jul 27 2017 Fedora Release Engineering - 5-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 
5-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Tue Oct 18 2016 Zbigniew Jędrzejewski-Szmek - 5-8 +- If device is not found exit immediately (#892178) + +* Sun Mar 6 2016 Peter Robinson 5-7 +- Use %%license + +* Thu Feb 04 2016 Fedora Release Engineering - 5-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Thu Jun 18 2015 Fedora Release Engineering - 5-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Wed Dec 10 2014 Zbigniew Jędrzejewski-Szmek - 5-4 +- Build with hardening flags (#1051344) +- Fail nicely if no hardware generator is found (#892178) +- Drop unneeded dependency + +* Mon Aug 18 2014 Fedora Release Engineering - 5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sun Jun 08 2014 Fedora Release Engineering - 5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed Apr 23 2014 Luke Macken - 5-1 +- Update to release version 5. +- Remove rng-tools-man.patch + +* Sun Aug 04 2013 Fedora Release Engineering - 4-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Thu Feb 14 2013 Fedora Release Engineering - 4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Tue Sep 25 2012 Jaromir Capik - 4-2 +- Migration to new systemd macros + +* Mon Aug 6 2012 Jeff Garzik - 4-1 +- Update to release version 4. + +* Sat Jul 21 2012 Fedora Release Engineering - 3-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Thu Jan 12 2012 Jiri Popelka - 3-4 +- 2 patches from RHEL-6 +- systemd service +- man page fixes +- modernize spec file + +* Wed Feb 09 2011 Fedora Release Engineering - 3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Sat Jul 3 2010 Jeff Garzik - 3-2 +- comply with renaming guidelines, by Providing rng-utils = 1:2.0-4.2 + +* Sat Jul 3 2010 Jeff Garzik - 3-1 +- Update to release version 3. 
+ +* Fri Mar 26 2010 Jeff Garzik - 2-3 +- more minor updates for package review + +* Thu Mar 25 2010 Jeff Garzik - 2-2 +- several minor updates for package review + +* Wed Mar 24 2010 Jeff Garzik - 2-1 +- initial revision (as rng-tools) diff --git a/rngd-wake-threshold.service b/rngd-wake-threshold.service new file mode 100644 index 0000000..41ef172 --- /dev/null +++ b/rngd-wake-threshold.service @@ -0,0 +1,14 @@ +[Unit] +Description=Hardware RNG Entropy Gatherer Wake threshold service +ConditionVirtualization=!container +Before=rngd.service + +[Service] +CapabilityBoundingSet=CAP_SYS_ADMIN +AmbientCapabilities=CAP_SYS_ADMIN +Type=oneshot +RemainAfterExit=yes +ExecStart=/bin/sh -c "PSIZE=$(cat /proc/sys/kernel/random/poolsize); let THRESH=$PSIZE*3/4; echo $THRESH>/proc/sys/kernel/random/write_wakeup_threshold; udevadm trigger --sysname-match=hw_random --settle" + +[Install] +WantedBy=sysinit.target diff --git a/rngd.service b/rngd.service new file mode 100644 index 0000000..dcca9d6 --- /dev/null +++ b/rngd.service @@ -0,0 +1,18 @@ +[Unit] +Description=Hardware RNG Entropy Gatherer Daemon +ConditionVirtualization=!container +Requires=rngd-wake-threshold.service + +# The "-f" option is required for the systemd service rngd to work with Type=simple +[Service] +User=rngd +Group=rngd +CapabilityBoundingSet=CAP_SYS_ADMIN +AmbientCapabilities=CAP_SYS_ADMIN +TimeoutStartSec=60s +Type=simple +EnvironmentFile=/etc/sysconfig/rngd +ExecStart=/usr/sbin/rngd -f $RNGD_ARGS + +[Install] +WantedBy=sysinit.target diff --git a/rngd.sysconfig b/rngd.sysconfig new file mode 100644 index 0000000..f0da1d9 --- /dev/null +++ b/rngd.sysconfig @@ -0,0 +1,3 @@ +# Optional arguments passed to rngd. See rngd(8) and +# https://bugzilla.redhat.com/show_bug.cgi?id=1252175#c21 +RNGD_ARGS="--fill-watermark=0 -x pkcs11 -x nist" diff --git a/sources b/sources new file mode 100644 index 0000000..9f314ec --- /dev/null +++ b/sources 
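Review bot: jitterentropy 3.3.1 is unpacked from Source4 and linked statically into rngd, but the spec carries no `Provides: bundled(jitterentropy) = 3.3.1`, so tooling that tracks bundled libraries for security updates cannot see it. I would add that line next to `Requires: jansson openssl`. In the same spirit, %pre calls useradd without a `Requires(pre): shadow-utils`, and it presumably relies on useradd creating the `rngd` group that 60-hwrng.rules and rngd.service reference. An explicit `getent group rngd >/dev/null || groupadd -r rngd` before the useradd line would make that dependency visible.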
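Review bot: The ExecStart one-liner in rngd-wake-threshold.service is run through `/bin/sh` but uses `let`, which is a bash builtin and not POSIX sh, so the threshold is only written where /bin/sh is bash. Shell arithmetic expansion is portable and also keeps shell variables out of a line that systemd pre-processes: `echo $(( $(cat /proc/sys/kernel/random/poolsize) * 3 / 4 )) > /proc/sys/kernel/random/write_wakeup_threshold`. The steps are joined with `;`, so a failed write is not reflected in the unit's result; `&&` between the write and `udevadm trigger` would surface it.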
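Review bot: rngd.service hands the non-root `rngd` user `CAP_SYS_ADMIN` as an ambient capability but sets none of systemd's sandboxing options, so a compromised daemon keeps that broad capability together with an unrestricted filesystem view. `NoNewPrivileges=yes`, `ProtectSystem=strict` and `ProtectHome=yes` look compatible with a daemon that reads entropy devices and feeds the kernel pool, though that needs testing against the enabled sources. `EnvironmentFile=/etc/sysconfig/rngd` also has no `-` prefix, so the service fails to start if the file is removed; `EnvironmentFile=-/etc/sysconfig/rngd` tolerates that.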
@@ -0,0 +1,2 @@
+SHA512 (jitterentropy-library-3.3.1.tar.gz) = 7dc17c377cf90d38057bbc135e00730a3f84bc66aeed83eca1ad1b0e1c2fb89c5346ec20bdf25d3ce27f1d21893d44e52c08e96175554c18dfa1934a8d4fd9f7
+SHA512 (rng-tools-6.14.tar.gz) = fce5c43d8a21a0d120a1f50b2b8c1efe7cbef02f7da863539749d51450992bb30c2cec96a4913ca20a608ce137a44e262471ac7f560eb8f3e9228a29b2d38fb1