An MPU region can contain critical data. This is because it takes more than one bus transaction to update. This is normally two words. As a result, it is not thread safe. That is, an interrupt can split the two words, leaving the region with incoherent information. There are two different issues:
An interrupt can come in that would also update the MPU. This is not only a read-modify-write issue, it also affects cases where the interrupt routine is guaranteed not to modify the same region. This is because the programming relies on the region number being written into a register so that it knows which region to update. So in this case, you must disable interrupts around each update routine.
An interrupt can come in that would use the region being updated or would be affected because only the base or size fields had been updated. If the new size field is changed, but the base is not, the base+new_size might overlap into an area normally handled by another region. In this case, the disable-modify-enable approach is required.
But for standard OS context switch code, which would change user regions, there is no risk, because these regions would be preset to user privilege and a user area address. This means that even an interrupt would cause no side effect. Therefore the disable/enable code is not required nor is interrupt disable.
The most common approach is to only program the MPU from boot code and context switcher. If these are the only two places, and the context switcher is only updating user regions, then disable is not required because the context switcher is already a critical region and the boot code runs with interrupts disabled.