diff --git a/1076-newfeature-support-vpsp.patch b/1076-newfeature-support-vpsp.patch
new file mode 100644
index 0000000000000000000000000000000000000000..2efaa127db0132ad828866dd11f379036ad7426e
--- /dev/null
+++ b/1076-newfeature-support-vpsp.patch
@@ -0,0 +1,190 @@
+From fd593b7516631ed0dce757cdce4d10b28971c553 Mon Sep 17 00:00:00 2001
+From: xiongmengbiao
+Date: Wed, 6 Mar 2024 17:43:57 +0800
+Subject: [PATCH] [newfeature]: support vpsp
+
+simulate a psp misc device for support tkm's key isolation
+
+Signed-off-by: xiongmengbiao
+---
+ hw/misc/Kconfig | 4 ++
+ hw/misc/meson.build | 1 +
+ hw/misc/psp.c | 141 ++++++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 146 insertions(+)
+ create mode 100644 hw/misc/psp.c
+
+diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig
+index 507058d8b..d1d05442d 100644
+--- a/hw/misc/Kconfig
++++ b/hw/misc/Kconfig
+@@ -171,4 +171,8 @@ config SIFIVE_U_PRCI
+ config VIRT_CTRL
+ bool
+
++config PSP_DEV
++ bool
++ default y
++
+ source macio/Kconfig
+diff --git a/hw/misc/meson.build b/hw/misc/meson.build
+index 3f41a3a5b..39e583631 100644
+--- a/hw/misc/meson.build
++++ b/hw/misc/meson.build
+@@ -10,6 +10,7 @@ softmmu_ss.add(when: 'CONFIG_UNIMP', if_true: files('unimp.c'))
+ softmmu_ss.add(when: 'CONFIG_EMPTY_SLOT', if_true: files('empty_slot.c'))
+ softmmu_ss.add(when: 'CONFIG_LED', if_true: files('led.c'))
+ softmmu_ss.add(when: 'CONFIG_PVPANIC_COMMON', if_true: files('pvpanic.c'))
++softmmu_ss.add(when: 'CONFIG_PSP_DEV', if_true: files('psp.c'))
+
+ # ARM devices
+ softmmu_ss.add(when: 'CONFIG_PL310', if_true: files('arm_l2x0.c'))
+diff --git a/hw/misc/psp.c b/hw/misc/psp.c
+new file mode 100644
+index 000000000..1cfbab859
+--- /dev/null
++++ b/hw/misc/psp.c
+@@ -0,0 +1,141 @@
++/*
++ * hygon psp device emulation
++ *
++ * Copyright 2024 HYGON Corp.
++ *
++ * This work is licensed under the terms of the GNU GPL, version 2 or (at
++ * your option) any later version. See the COPYING file in the top-level
++ * directory.
++ */
++
++#include "qemu/osdep.h"
++#include "qemu/compiler.h"
++#include "qemu/error-report.h"
++#include "qapi/error.h"
++#include "migration/vmstate.h"
++#include "hw/qdev-properties.h"
++#include "sysemu/runstate.h"
++#include
++
++#define TYPE_PSP_DEV "psp"
++OBJECT_DECLARE_SIMPLE_TYPE(PSPDevState, PSP_DEV)
++
++struct PSPDevState {
++ /* Private */
++ DeviceState pdev;
++
++ /* Public */
++ Notifier shutdown_notifier;
++ int dev_fd;
++ uint8_t enabled;
++
++ /**
++ * vid is used to identify a virtual machine in qemu.
++ * When a virtual machine accesses a tkm key,
++ * the TKM module uses different key spaces based on different vids.
++ */
++ uint32_t vid;
++};
++
++#define PSP_DEV_PATH "/dev/hygon_psp_config"
++#define HYGON_PSP_IOC_TYPE 'H'
++#define PSP_IOC_MUTEX_ENABLE _IOWR(HYGON_PSP_IOC_TYPE, 1, NULL)
++#define PSP_IOC_MUTEX_DISABLE _IOWR(HYGON_PSP_IOC_TYPE, 2, NULL)
++#define PSP_IOC_VPSP_OPT _IOWR(HYGON_PSP_IOC_TYPE, 3, NULL)
++
++enum VPSP_DEV_CTRL_OPCODE {
++ VPSP_OP_VID_ADD,
++ VPSP_OP_VID_DEL,
++};
++
++struct psp_dev_ctrl {
++ unsigned char op;
++ union {
++ unsigned int vid;
++ unsigned char reserved[128];
++ } data;
++};
++
++static void psp_dev_destroy(PSPDevState *state)
++{
++ struct psp_dev_ctrl ctrl = { 0 };
++ if (state && state->dev_fd) {
++ if (state->enabled) {
++ ctrl.op = VPSP_OP_VID_DEL;
++ if (ioctl(state->dev_fd, PSP_IOC_VPSP_OPT, &ctrl) < 0) {
++ error_report("VPSP_OP_VID_DEL: %d", -errno);
++ } else {
++ state->enabled = false;
++ }
++ }
++ qemu_close(state->dev_fd);
++ state->dev_fd = 0;
++ }
++}
++
++/**
++ * Guest OS performs shut down operations through 'shutdown' and 'powerdown' event.
++ * The 'powerdown' event will also trigger 'shutdown' in the end,
++ * so only attention to the 'shutdown' event.
++ *
++ * When Guest OS trigger 'reboot' or 'reset' event, to do nothing.
++*/
++static void psp_dev_shutdown_notify(Notifier *notifier, void *data)
++{
++ PSPDevState *state = container_of(notifier, PSPDevState, shutdown_notifier);
++ psp_dev_destroy(state);
++}
++
++static void psp_dev_realize(DeviceState *dev, Error **errp)
++{
++ struct psp_dev_ctrl ctrl = { 0 };
++ PSPDevState *state = PSP_DEV(dev);
++
++ state->dev_fd = qemu_open_old(PSP_DEV_PATH, O_RDWR);
++ if (state->dev_fd < 0) {
++ error_setg(errp, "fail to open %s, errno %d.", PSP_DEV_PATH, errno);
++ goto end;
++ }
++
++ ctrl.op = VPSP_OP_VID_ADD;
++ ctrl.data.vid = state->vid;
++ if (ioctl(state->dev_fd, PSP_IOC_VPSP_OPT, &ctrl) < 0) {
++ error_setg(errp, "psp_dev_realize VPSP_OP_VID_ADD vid %d, return %d", ctrl.data.vid, -errno);
++ goto end;
++ }
++
++ state->enabled = true;
++ state->shutdown_notifier.notify = psp_dev_shutdown_notify;
++ qemu_register_shutdown_notifier(&state->shutdown_notifier);
++end:
++ return;
++}
++
++static struct Property psp_dev_properties[] = {
++ DEFINE_PROP_UINT32("vid", PSPDevState, vid, 0),
++ DEFINE_PROP_END_OF_LIST(),
++};
++
++static void psp_dev_class_init(ObjectClass *klass, void *data)
++{
++ DeviceClass *dc = DEVICE_CLASS(klass);
++
++ dc->desc = "PSP Device";
++ dc->realize = psp_dev_realize;
++ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
++ device_class_set_props(dc, psp_dev_properties);
++}
++
++static const TypeInfo psp_dev_info = {
++ .name = TYPE_PSP_DEV,
++ .parent = TYPE_DEVICE,
++ .instance_size = sizeof(PSPDevState),
++ .class_init = psp_dev_class_init,
++};
++
++static void psp_dev_register_types(void)
++{
++ type_register_static(&psp_dev_info);
++}
++
++type_init(psp_dev_register_types)
+--
+2.36.6
+
diff --git a/qemu-kvm.spec b/qemu-kvm.spec
index c3281366041129777636eae05451e26a89f88f15..fbafe9d1b0eb46bc25719c7538171926a16b3251 100644
--- a/qemu-kvm.spec
+++ b/qemu-kvm.spec
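Review bot: In the embedded hw/misc/psp.c, psp_dev_realize leaks the open descriptor when the VPSP_OP_VID_ADD ioctl fails: that branch sets errp and jumps to `end` without closing state->dev_fd, and the file registers no unrealize handler that could release it. Add `qemu_close(state->dev_fd); state->dev_fd = -1;` before that `goto end`, and have psp_dev_destroy test `state->dev_fd >= 0` and reset it to `-1`, because 0 is a valid descriptor and the current truth test would skip the close for it. psp_dev_destroy also sends VPSP_OP_VID_DEL with a zeroed ctrl, so the request carries vid 0 instead of state->vid; unless the driver keys the deletion on the calling process (not visible here), add `ctrl.data.vid = state->vid;` so the guest's own key space is the one released. The `vid` property defaults to 0 and nothing in this file checks it for uniqueness, so guests started without an explicit vid would presumably land in the same TKM key space; rejecting the default in realize, or documenting that the host must assign distinct vids, would make the isolation guarantee explicit.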
@@ -92,7 +92,7 @@ Obsoletes: %1-rhev <= %{epoch}:%{version}-%{release} Summary: QEMU is a machine emulator and virtualizer Name: qemu-kvm Version: 6.2.0 -Release: 42%{?rcrel}%{anolis_release}%{?dist}.1 +Release: 43%{?rcrel}%{anolis_release}%{?dist}.1 # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped Epoch: 15 License: GPLv2 and GPLv2+ and CC-BY @@ -879,6 +879,7 @@ Patch1073: 1073-kvm-net-Provide-MemReentrancyGuard-to-qemu_new_nic.patch # https://github.com/qemu/qemu/commit/9050f976e447444ea6ee2ba12c9f77e4b0dc54bc Patch1074: 1074-kvm-net-Update-MemReentrancyGuard-for-NIC.patch Patch1075: 1075-anolis-target-i386-sev-Add-support-for-reuse-ASID-fo.patch +Patch1076: 1076-newfeature-support-vpsp.patch BuildRequires: wget BuildRequires: rpm-build @@ -2117,6 +2118,9 @@ sh %{_sysconfdir}/sysconfig/modules/kvm.modules &> /dev/null || : %endif %changelog +* Wed Mar 06 2024 Mengbiao Xiong - 6.2.0-43.0.1.1 +- Support tkm key isolation + * Wed Feb 02 2024 Liyang Han - 6.2.0-42.0.1.1 - Support reuse ASID for CSV guests