The open standard ISA (Instruction Set Architecture) of RISC-V offers developers a wide range of standard extensions and options that support the design of an optimised processor. The RISC-V Privileged Specification includes PMP as a fundamental approach to memory protection that is essential in security applications that depend on TEE (Trusted Execution Environments) such as Keystone, OpenTitan, and many other techniques for security protection.
RISC-V processor implementations for security applications use physical memory protection (PMP) as a way to ensure memory isolation between key security applications and other activities.
The PMP specification provides a flexible and comprehensive approach based on control registers for the parameterization of modes to control the memory access, permissions, and policy. By using control registers, the actual policy and operation can be configured in software using the available hardware resources. As a consequence, the PMP policy can be configured to control the initial processor boot process and is fundamental to many systems that rely on a TEE for security applications.