diff --git a/CHANGES.md b/CHANGES.md
index d283d222..8ab8b320 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -45,6 +45,7 @@
 ### v0.5.4
 ```
+- Ensure inode_setxattr does not generate provenance.
 - Ensure inode_getsecurity does not generate provenance.
 - Associate task_id with relations.
 - Internal refactoring.
diff --git a/include/uapi/linux/provenance.h b/include/uapi/linux/provenance.h
index 221334c9..017d84cb 100644
--- a/include/uapi/linux/provenance.h
+++ b/include/uapi/linux/provenance.h
@@ -31,7 +31,7 @@
 "."xstr (CAMFLOW_VERSION_MINOR) \
 "."xstr (CAMFLOW_VERSION_PATCH) \
-#define CAMFLOW_COMMIT "4f4001896997e7a9704b46f2c07618258636096d"
+#define CAMFLOW_COMMIT "406fecb9837107d3282d47f82fc98d5394b148d2"
 #define PROVENANCE_HASH "sha256"
diff --git a/security/provenance/hooks.c b/security/provenance/hooks.c
index ae66cf23..8a5df3ef 100644
--- a/security/provenance/hooks.c
+++ b/security/provenance/hooks.c
@@ -765,7 +765,7 @@ static int provenance_inode_setxattr(struct dentry *dentry,
 if (strcmp(name, XATTR_NAME_PROVENANCE) == 0) { // Provenance xattr
 if (size != sizeof(union prov_elt))
 return -ENOMEM;
- prov = get_dentry_provenance(dentry, true);
+ prov = get_dentry_provenance(dentry, false);
 setting = (union prov_elt *)value;
 if (provenance_is_tracked(setting))
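Review bot: The bare `false` in `prov = get_dentry_provenance(dentry, false);` in security/provenance/hooks.c gives no hint at the call site of what is being switched off. Going by the CHANGES.md entry in this commit, it presumably stops the lookup from refreshing or recording provenance while the provenance xattr itself is being written. I would add a comment on that line, for example `/* false: do not generate provenance while the provenance xattr is being set */`, worded to match the real name of the second parameter. This hook is where an xattr writer supplies a `union prov_elt` that then feeds `provenance_is_tracked(setting)`, so it is also worth confirming that `prov` is checked for NULL and that the writer's privilege is verified before `setting` is applied; both would sit outside this hunk, since the function starts above it and continues below. Separately, the context line `return -ENOMEM;` reports a wrong-sized value as an allocation failure, where `-EINVAL` would describe the rejected input more accurately.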