Document expectations of DICE mode

The Open Profile for DICE gives possible guidelines on the requirements
for the DICE mode but Android needs those to be strictly specified.

Fix: 263144485
Test: n/a
Change-Id: Ia5fc937654504199cabf4709f1c15484242e0161
Andrew Scull
2023-05-09 18:29:23 +00:00
parent e0a2388561
commit ed74a681eb


@@ -291,6 +291,24 @@ available on the device it should appear in the certificate request as the leaf
of a DKCertChain in AdditionalDKSignatures (see
[CertificateRequest](#certificaterequest)).
#### Mode
The Open Profile for DICE specifies four possible modes with the most important
mode being `normal`. A certificate must only set the mode to `normal` when all
of the following conditions are met when loading and verifying the software
component that is being described by the certificate:
* verified boot with anti-rollback protection is enabled
* only the verified boot authorities for production images are enabled
* debug ports, fuses or other debug facilities are disabled
* device booted software from the normal primary source e.g. internal flash
If any of these conditions are not met then it is recommended to explicitly
acknowledge this fact by using the `debug` mode. The mode should never be `not
configured`.
#### Configuration descriptor
The Open Profile for DICE allows for an arbitrary configuration descriptor. For
BCC entries, this configuration descriptor is a CBOR map with the following
optional fields. If no fields are relevant, an empty map should be encoded.
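Review bot: the Mode section says the Open Profile for DICE specifies four modes but only gives guidance for three of them (`normal`, `debug` and `not configured`); it never states when, if ever, Android expects `recovery`. Since the stated purpose of this change is to make the mode requirements strict rather than leave them to the Open Profile, add a sentence covering the fourth mode, e.g. whether `recovery` is permitted and under what conditions, or state explicitly that Android expects only `normal` or `debug`. A smaller wording point: the condition list is introduced as applying "when loading and verifying the software component that is being described by the certificate", but the bullets mix properties of the device (debug ports, fuses, boot source) with properties of the verification of the component; stating that all four must hold at the point the described component is loaded, as observed by the component that loads it, would remove the ambiguity about which component's state is being certified.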