Yep, that's correct, just haven't had the board at hand to check at the time.
So generally speaking everything we know about is being read off of the eMMC and as such can be rewritten from Linux and most probably from U-Boot console as well (I haven't tried, but it has access to the very same eMMC and has functionality of reading files and writing them to eMMC at arbitrary places, so all the pieces are available).
But there is that Trusted ROM mentioned in the presentation and I would guess it's not a random term just thrown in there - so there's hopefully some mechanism one could use. Let's see what Peter finds out