Edit to add: we can obviously pass on the RDRAND instruction directly to the VM, but that's less portable, because not all servers in a server farm may have that instruction available, limiting live migration capabilities.
So we can just pass on output from RDSEED into the host's /dev/random, and feed the VM /dev/random by default as described.
other than the x86 instruction set there are some SOCs that embeds a hwrng directly, the one I used is Freescale iMX6 that has a FIPS-certified hwrng, which is very handy.
Keep in mind, though, that just accessing /dev/urandom in the guest won't need too much input from the host.
However, having a hwrng is obviously the preferred option where there is need for a lot of entropy.