Secure boot is an effective defense mechanism against attacks on system images. However, traditional secure boot mechanisms could not well serve in the IoT scenario. They usually integrate the root key and cryptographic algorithms used for boot authentication into read-only storage like on-chip ROM, which can only be written by the manufacturer and are unchangeable once written. Modification of cryptographic algorithms and root key is sometimes necessary in the IoT scenario. First, some on-the-market IoT devices are shipped with vulnerable cryptographic algorithms (e.g., SHA-1, RSA-1024) that need to be updated. Second, when transferring the ownership of IoT devices, it may be essential to change the root key of IoT devices. In this paper, we propose a secure boot solution for IoT devices, which supports changing the root key and cryptographic algorithms flexibly. Specifically, we store the secure boot associated codes and data in the eMMC (embedded MultiMediaCard), which is a storage device widely deployed on IoT devices. We leverage the write protection mechanism of eMMC to prevent the codes and data from being tampered with by the runtime codes. In addition, a secure cryptographic algorithms and root key updating mechanism has been introduced, which allows only legal updating requests by verifying the identity of the requester. The experimental results show that the scheme can boot the system securely with negligible overhead.