Enable password-triggered site isolation by default on Android.

Also update default Android memory threshold to 1900MB, which is what
is currently used in field trials on Stable.

Bug: 905513, 849815
Change-Id: I3d62efd55ed8c34ed057d49d8084473f51a6cc41
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1836656Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org>
Commit-Queue: Alex Moshchuk <alexmos@chromium.org>
Cr-Commit-Position: refs/heads/master@{#705345}

chrome/browser/site_isolation/site_isolation_policy.cc

@@ -58,11 +58,25 @@ bool SiteIsolationPolicy::IsEnterprisePolicyApplicable() {
 
 // static
 bool SiteIsolationPolicy::ShouldDisableSiteIsolationDueToMemoryThreshold() {
-  // Using 1077 rather than 1024 because 1) it helps ensure that devices with
-  // exactly 1GB of RAM won't get included because of inaccuracies or off-by-one
-  // errors and 2) this is the bucket boundary in Memory.Stats.Win.TotalPhys2.
-  // See also https://crbug.com/844118.
+  // The memory threshold behavior differs for desktop and Android:
+  // - Android uses a 1900MB default threshold, which is the threshold used by
+  //   password-triggered site isolation - see docs in
+  //   https://crbug.com/849815.  This can be overridden via a param defined in
+  //   a kSitePerProcessOnlyForHighMemoryClients field trial.
+  // - Desktop does not enforce a default memory threshold, but for now we
+  //   still support a threshold defined via a
+  //   kSitePerProcessOnlyForHighMemoryClients field trial.  The trial
+  //   typically carries the threshold in a param; if it doesn't, use a default
+  //   that's slightly higher than 1GB (see https://crbug.com/844118).
+  //
+  // TODO(alexmos): currently, this threshold applies to all site isolation
+  // modes.  Eventually, we may need separate thresholds for different modes,
+  // such as full site isolation vs. password-triggered site isolation.
+#if defined(OS_ANDROID)
+  constexpr int kDefaultMemoryThresholdMb = 1900;
+#else
   constexpr int kDefaultMemoryThresholdMb = 1077;
+#endif
 
   // TODO(acolwell): Rename feature since it now affects more than just the
   // site-per-process case.

chrome/common/chrome_features.cc

@@ -646,11 +646,19 @@ const base::Feature kSitePerProcess {
 // Controls a mode for dynamically process-isolating sites where the user has
 // entered a password.  This is intended to be used primarily when full site
 // isolation is turned off.  To check whether this mode is enabled, use
-// ChromeSiteIsolationPolicy::IsIsolationForPasswordSitesEnabled() rather than
+// SiteIsolationPolicy::IsIsolationForPasswordSitesEnabled() rather than
 // checking the feature directly, since that decision is influenced by other
 // factors as well.
 const base::Feature kSiteIsolationForPasswordSites{
-    "site-isolation-for-password-sites", base::FEATURE_DISABLED_BY_DEFAULT};
+  "site-isolation-for-password-sites",
+// Enabled by default on Android; see https://crbug.com/849815.  Note that this
+// should not affect Android Webview, which does not include this code.
+#if defined(OS_ANDROID)
+      base::FEATURE_ENABLED_BY_DEFAULT
+#else
+      base::FEATURE_DISABLED_BY_DEFAULT
+#endif
+};
 
 // kSitePerProcessOnlyForHighMemoryClients is checked before kSitePerProcess,
 // and (if enabled) can restrict if kSitePerProcess feature is checked at all -