AU: Split applied update verification into a separate step.

install_plan.h

Index: install_plan.h
diff --git a/install_plan.h b/install_plan.h
index 9911d3253bf6efece545291eab017850690c0d12..08472c8b58d611c6bede12aba3bd4c7bdc83ef64 100644
--- a/install_plan.h
+++ b/install_plan.h
@@ -29,7 +29,9 @@ struct InstallPlan {
         size(size),
         download_hash(hash),
         install_path(install_path),
-        kernel_install_path(kernel_install_path) {}
+        kernel_install_path(kernel_install_path),
+        kernel_size(0),
+        rootfs_size(0) {}
   InstallPlan() : is_full_update(false), is_resume(false), size(0) {}
 
   bool is_full_update;
@@ -39,8 +41,22 @@ struct InstallPlan {
   std::string download_hash;  // hash of the data at the url
   std::string install_path;  // path to install device
   std::string kernel_install_path;  // path to kernel install device
-  std::vector<char> current_kernel_hash;  // computed by FileSystemCopierAction
-  std::vector<char> current_rootfs_hash;  // computed by FileSystemCopierAction
+
+  // The fields below are used for kernel and rootfs verification. The flow is:
+  //
+  // 1. FilesystemCopierAction(verify_hash=false) computes and fills in the
+  // source partition sizes and hashes.
+  //
+  // 2. DownloadAction verifies the source partition sizes and hashes against
+  // the expected values transmitted in the update manifest. It fills in the
+  // expected applied partition sizes and hashes based on the manifest.
+  //
+  // 4. FilesystemCopierAction(verify_hashes=true) computes and verifies the
+  // applied partition sizes and hashes against the expected values.
+  uint64_t kernel_size;
+  uint64_t rootfs_size;
+  std::vector<char> kernel_hash;
+  std::vector<char> rootfs_hash;
 
   bool operator==(const InstallPlan& that) const {
     return (is_full_update == that.is_full_update) &&