Merge "Document expectations of DICE mode" am: ebcdcdbc03

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2583537

Change-Id: I83d72bd6ab9a622e2edc39b463ffad5245845a8c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

security/rkp/README.md

@@ -291,6 +291,24 @@ available on the device it should appear in the certificate request as the leaf
 of a DKCertChain in AdditionalDKSignatures (see
 [CertificateRequest](#certificaterequest)).
 
+#### Mode
+
+The Open Profile for DICE specifies four possible modes with the most important
+mode being `normal`. A certificate must only set the mode to `normal` when all
+of the following conditions are met when loading and verifying the software
+component that is being described by the certificate:
+
+*   verified boot with anti-rollback protection is enabled
+*   only the verified boot authorities for production images are enabled
+*   debug ports, fuses or other debug facilities are disabled
+*   device booted software from the normal primary source e.g. internal flash
+
+If any of these conditions are not met then it is recommended to explicitly
+acknowledge this fact by using the `debug` mode. The mode should never be `not
+configured`.
+
+#### Configuration descriptor
+
 The Open Profile for DICE allows for an arbitrary configuration descriptor. For
 BCC entries, this configuration descriptor is a CBOR map with the following
 optional fields. If no fields are relevant, an empty map should be encoded.