eMMC: power on protection of boot areas

Currently U-Boot does not protect the boot areas of eMMC devices. This may lead to an unsolicited replacement of the boot loader.
In https://gitlab.denx.de/u-boot/custodians/u-boot-efi/-/tree/mmc I have added a command 'mmc wp' to enable power on boot protection for the boot areas and enhanced command 'mmc info' to display the protection.
I am still contemplating what should be protected on an eMMC device:
There is a permanent write protection for boot areas. If this property is set, updates are no longer possible. This capability can be permanently disabled (flag B_PERM_WP_DIS in BOOT_WP register of extended CSD [1]). The same exists for the user area.
eMMCs can be password protected. This protection might be used as a denial of service vector. The password protection feature can be permanently disabled (flag PERM_PSWD_DIS in USER_WP register of extended CSD).
Protecting the boot areas via command 'mmc wp' requires a boot script for automatic execution. Should we enable power on boot area protection inside the boot commands whenever they are called (as a customizable feature)?
[1] Embedded Multi-Media Card (e•MMC) Electrical Standard (5.1) JESD84-B51, 2015
Best regards
Heinrich
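
As an added illustration (not code from the U-Boot branch linked above and not written by the author of this message), the following C function reads the extended CSD bytes behind the points raised above and reports which protections are still open. Byte offsets and bit positions follow JESD84-B51; the function name, the finding flags and the sample register values are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Extended CSD byte offsets and bit masks as defined in JESD84-B51 */
#define EXT_CSD_USER_WP        171
#define EXT_CSD_BOOT_WP        173
#define EXT_CSD_BOOT_WP_STATUS 174
#define PERM_PSWD_DIS 0x80 /* USER_WP: password protection permanently disabled */
#define B_PWR_WP_DIS  0x40 /* BOOT_WP: power-on protection can no longer be enabled */
#define B_PERM_WP_DIS 0x10 /* BOOT_WP: permanent protection can no longer be enabled */

/* Finding flags: names are hypothetical, chosen for this example */
#define F_BOOT_WRITABLE   0x01 /* at least one boot area is writable now */
#define F_PWR_WP_DISABLED 0x02 /* power-on protection has been disabled */
#define F_PERM_WP_SET     0x04 /* a boot area is permanently read-only */
#define F_PERM_WP_OPEN    0x08 /* permanent protection could still be set */
#define F_PSWD_OPEN       0x10 /* password lock is still available */

/* Inspect a 512-byte extended CSD and return a bit mask of findings. */
unsigned audit_ext_csd(const uint8_t *ext_csd)
{
    uint8_t boot_wp = ext_csd[EXT_CSD_BOOT_WP];
    uint8_t status = ext_csd[EXT_CSD_BOOT_WP_STATUS];
    unsigned area1 = status & 0x3;        /* B_AREA_1_WP */
    unsigned area2 = (status >> 2) & 0x3; /* B_AREA_2_WP */
    unsigned f = 0;

    /* 0 = not protected, 1 = power-on protected, 2 = permanently protected */
    if (area1 == 0 || area2 == 0)
        f |= F_BOOT_WRITABLE;
    if (area1 == 2 || area2 == 2)
        f |= F_PERM_WP_SET;
    if (boot_wp & B_PWR_WP_DIS)
        f |= F_PWR_WP_DISABLED;
    if (!(boot_wp & B_PERM_WP_DIS))
        f |= F_PERM_WP_OPEN;
    if (!(ext_csd[EXT_CSD_USER_WP] & PERM_PSWD_DIS))
        f |= F_PSWD_OPEN;
    return f;
}

int main(void)
{
    uint8_t ext_csd[512] = {0}; /* constructed sample, not read from a device */

    ext_csd[EXT_CSD_BOOT_WP] = 0x01;        /* B_PWR_WP_EN set: power-on protection enabled */
    ext_csd[EXT_CSD_BOOT_WP_STATUS] = 0x05; /* both areas power-on protected */
    printf("findings: 0x%02x\n", audit_ext_csd(ext_csd));
    return 0;
}
```

For the constructed sample the result is 0x18: the boot areas are protected until the next power cycle, but permanent write protection and the password lock have not been disabled.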