Add legal permissions invariant for tagged capabilities (#450)

Author: mayyamal

src/cap-description.adoc

@@ -560,6 +560,7 @@ CHERI enforces the following invariants for all valid (i.e., tagged) capabilitie
 
 . The bounds are not malformed.
 . No reserved bit in the capability encoding is set.
+. The permissions can be legally produced by <<ACPERM>>.
 
 A tagged capability that violates those invariants (i.e., a tagged but malformed capability or a tagged
 capability with any reserved bit set) can only possibly be caused by