Index: sys/kern/kern_sysctl.c
===================================================================
--- sys/kern/kern_sysctl.c
+++ sys/kern/kern_sysctl.c
@@ -2354,6 +2354,14 @@
 	return (error);
 }
 
+/*
+ * Some systems, in particular those without swap, do not benefit from a
+ * restriction on user page wiring.
+ */
+static bool __read_mostly g_sysctl_do_memlock = true;
+SYSCTL_BOOL(_kern, OID_AUTO, sysctl_memlock, CTLFLAG_RWTUN,
+    &g_sysctl_do_memlock, 0, "Limit user memory wired for sysctl requests");
+
 /*
  * This is used from various compatibility syscalls too.  That's why name
  * must be in kernel space.
@@ -2397,9 +2405,12 @@
 		ktrsysctl(name, namelen);
 #endif
 	memlocked = 0;
-	if (req.oldptr && req.oldlen > 4 * PAGE_SIZE) {
+	if (req.oldptr != NULL && req.oldlen > 4 * PAGE_SIZE &&
+	    g_sysctl_do_memlock) {
+		error = sx_xlock_sig(&sysctlmemlock);
+		if (error)
+			return (error);
 		memlocked = 1;
-		sx_xlock(&sysctlmemlock);
 	}
 	CURVNET_SET(TD_TO_VNET(td));