diff --git a/public/crash_dump.te b/public/crash_dump.te
index f70b48115e4ffdfc2e7b6cb2fd70737d35b0ce1e..e1327e49e00cef418097d143ac06d4b1fc016084 100644
--- a/public/crash_dump.te
+++ b/public/crash_dump.te
@@ -8,6 +8,11 @@ allow crash_dump {
 -keystore
 -logd
 }:process { ptrace signal sigchld sigstop sigkill };
+
+# crash_dump might inherit CAP_SYS_PTRACE from a privileged process,
+# which will result in an audit log even when it's allowed to trace.
+dontaudit crash_dump self:capability { sys_ptrace };
+
 userdebug_or_eng(`
 allow crash_dump logd:process { ptrace signal sigchld sigstop sigkill };
 ')
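Review bot: The added `dontaudit crash_dump self:capability { sys_ptrace };` silences every sys_ptrace capability denial in the crash_dump domain, not only the inherited-capability case the comment describes, so an unexpected capability check there would no longer reach the audit log. The comment should state that the rule grants nothing and only suppresses logging, for example `# dontaudit only: sys_ptrace stays denied; tracing relies on the process:ptrace allow rule above.` If crash_dump can drop inherited capabilities before it attaches, that would presumably remove the denial at its source and make the rule unnecessary; whether it does is not visible from this hunk. As a style point, the braces around a single permission can go: `dontaudit crash_dump self:capability sys_ptrace;`.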