Belated answer but hope it helps.
For unprivileged containers (i.e., those without the --privileged flag), Docker mounts /sys in the container as read-only. I don’t believe there is a way to change this behavior.
Having said this, take a look at Sysbox. It’s a new type of runc that integrates with Docker and creates “VM-like” containers. It mounts /sys as read-write because the containers are rootless, and it is capable of emulating portions of /sys (as well as /proc).
$ docker run --runtime=sysbox-runc -it ubuntu
root@0553826001e3:/# mount | grep sysfs
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
root@0553826001e3:/# cat /proc/self/uid_map
0 165536 65536
The first instruction shows sysfs is mounted as read-write, and the second shows the container is in rootless mode.
Hope that helps!
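As an added example (not part of the original answer, and not Sysbox or Docker code), here is a small POSIX shell check that reproduces the two things the session above looks at: whether /sys is mounted read-only or read-write, and whether the process runs under a user-namespace uid mapping. It parses /proc/self/mountinfo instead of the output of `mount`, because mountinfo separates the per-mount options (field 6, where Docker's read-only /sys shows up as `ro`) from the superblock options after the `-`, which still say `rw` for the underlying sysfs. The function names and the sample mountinfo and uid_map lines are my own constructed inputs.

```shell
#!/bin/sh
# Added example, not from the original answer: inspect how /sys is mounted for
# the current process and whether it runs under a user-namespace uid mapping.
# It reads /proc/self/mountinfo (per-mount options, field 6) rather than the
# superblock options after "-", because a read-only /sys in a Docker container
# is a per-mount "ro" on top of a filesystem whose superblock is still "rw".

# Print "rw" or "ro" for the /sys mount found in mountinfo-format text ($1);
# prints nothing if /sys is not a mount point in that text.
sysfs_mode() {
    printf '%s\n' "$1" | awk '$5 == "/sys" { split($6, o, ","); print o[1]; exit }'
}

# Return 0 if the uid_map text ($1) is the host identity map "0 0 4294967295",
# 1 if the process is mapped into a user namespace (e.g. "0 165536 65536").
uid_map_is_identity() {
    set -- $(printf '%s\n' "$1" | head -n 1)
    if [ "$1" = "0" ] && [ "$2" = "0" ] && [ "$3" = "4294967295" ]; then
        return 0
    fi
    return 1
}

# Combine both checks into a "<mode>/<uid-mapping>" verdict for the given
# mountinfo text ($1) and uid_map text ($2).
classify() {
    mode=$(sysfs_mode "$1")
    if uid_map_is_identity "$2"; then ns="host-uids"; else ns="userns"; fi
    printf '%s/%s\n' "${mode:-unknown}" "$ns"
}

# Constructed sample data (not captured from a real system):
SAMPLE_RO_SYS='36 20 0:17 / /sys ro,nosuid,nodev,noexec,relatime - sysfs sysfs rw'
SAMPLE_RW_SYS='36 20 0:17 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw'
SAMPLE_HOST_MAP='         0          0 4294967295'
SAMPLE_USERNS_MAP='         0     165536      65536'

# Live check of the current process; prints "unknown/..." when /sys is not a
# mount point and is skipped entirely where /proc is unavailable.
if [ -r /proc/self/mountinfo ] && [ -r /proc/self/uid_map ]; then
    printf 'this process: %s\n' \
        "$(classify "$(cat /proc/self/mountinfo)" "$(cat /proc/self/uid_map)")"
fi
```

Run it inside a plain `docker run` container and you should see `ro/host-uids` (read-only /sys, no uid remapping); inside the Sysbox container from the answer the same script should report `rw/userns`. Checking field 6 rather than the trailing superblock options is the part worth remembering: `mount` and `findmnt` both print the per-mount options, but anything that greps the superblock flags will wrongly conclude that /sys is writable.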