What is Memory Protection Unit ?

Table of Contents

  1. Introduction
  2. Hardware Based Memory Protection
  3. Hardware Based Memory Protection
  4. Importance of MPU

1. Introduction

Memory protection is a mechanism implemented in computer systems to safeguard the integrity and security of data stored in memory. It involves controlling and regulating access to memory to prevent unauthorized modifications, accidental overwrites, or unauthorized access. Memory protection techniques can be implemented at both the hardware and software levels to enforce access permissions, isolate processes, and prevent unauthorized code execution. Memory protection plays a vital role in ensuring the stability, reliability, and security of computing systems.

2. Hardware-Based Memory Protection 

Hardware-based memory protection involves utilizing hardware features and mechanisms, usually within the processor or memory management unit (MMU), to enforce control over memory access. This ensures the security and integrity of data. By implementing these features at the hardware level, systems can effectively regulate and protect memory, contributing to the overall reliability and safety of the computer system.

3. Hardware-Based Memory Protection Mechanisms

The MPU operates by dividing the system's memory into several regions, each with its own access attributes. These attributes define the allowed operations (read, write, execute) and the privilege level required to access the region. Here's a basic explanation of how the MPU works in ARM:

Memory Regions: The MPU divides the memory address space into multiple regions, and each region can have different access permissions. Regions are typically defined by specifying their base address, size, and access attributes.

Access Attributes: Each memory region has associated access attributes, which include:

a. Read (R) : Whether reading from the region is allowed or not.
b. Write (W) : Whether writing to the region is allowed or not.
c. Execute (X) : Whether executing instructions from the region is allowed or not.
d. Privilege Level (P) : Specifies the privilege level required to access the region (privileged or unprivileged).

MPU Registers: The MPU is configured and controlled through a set of registers. The most common registers are:

a. MPU Type Register: Specifies the number of supported regions by the MPU.
b. Region Base Address Register (RBAR): Defines the base address of a memory region.
c. Region Size and Enable Register (RASR): Specifies the size and access attributes of a memory region.

MPU Configuration: To enable the MPU and set up memory regions, the following steps are typically performed:

a. Disable the MPU: Initially, the MPU is disabled to configure its registers safely.
b. Configure the memory regions: Set the attributes (R/W/X/P) for each region using the RBAR and RASR registers.
c. Enable the MPU: Once the regions are configured, the MPU can be enabled to enforce the access restrictions.

Memory Access: When a memory access (read, write, or execute) is attempted, the MPU checks the access permissions of the corresponding memory region.

a. If the memory access violates the access attributes (e.g., trying to write to a read-only region), the MPU triggers a fault, such as a Memory Management Fault (MMF).
b. The MPU can also generate a fault if an attempt is made to access memory from an inappropriate privilege level.

4. Importance of MPU :

The Memory Protection Unit (MPU) is a crucial component in computer systems with various important uses :

Security: Memory protection helps prevent unauthorized access, data breaches, and malicious code execution, enhancing the overall security of the system.

Stability: By enforcing access rules and preventing unintended modifications, memory protection contributes to system stability, reducing the risk of crashes or data corruption.

Fault Isolation: Memory protection allows for fault isolation, ensuring that errors or bugs in one application or process do not impact the overall system or other running programs.

Data Integrity: Memory protection safeguards data integrity by preventing unauthorized modifications or accidental overwrites, ensuring that critical information remains intact.