
Solnix.
A verifier-safe programming language for Linux kernel security.
Solnix is built for writing eBPF security policies in a safer and more structured way. It focuses on clarity, auditability, and predictable behavior that works smoothly with the Linux kernel verifier.
Solnix: A Kernel-Level Security Language
Solnix is a security-first programming language for Linux kernel enforcement and observability, combining verifier safety, clarity, and native performance. It enables writing LSM, XDP, TC, and tracing policies in a clean high-level syntax.
eBPF Native
Native support for Linux Security Modules and eBPF program types.
Verifier-Safe Design
Compile-time guard checks and bounded memory access.
Policy Enforcement
Write kernel execution, network, and syscall policies in one language.
map events {
    type: .ringbuf,
    max: 1 << 24
}

event exec_event {
    pid: u32,
    filename: bytes[256]
}

unit trace_exec_filename {
    section "tracepoint/syscalls/sys_enter_execve"
    license "GPL"

    reg pid_tgid = ctx.get_pid_tgid()
    reg pid = pid_tgid
    reg filename_ptr = ctx.load_u64(16)

    heap evt = events.reserve(exec_event)
    if guard(evt) {
        evt.pid = pid
        ctx.probe_read_user_str(evt.filename, 256, filename_ptr)
        events.submit(evt)
    }

    return 0
}

Design Principles
Core Capabilities of Solnix
Native eBPF Performance
Compiles directly to eBPF bytecode without a runtime layer, delivering predictable, low-latency kernel execution.
Kernel Verifier Compliance
Static safety checks and guarded memory access ensure programs consistently satisfy Linux kernel verifier requirements.
Structured High-Level Syntax
A clear and expressive language design that replaces low-level complexity with maintainable, security-focused abstractions.
Concurrency-Safe Operations
First-class support for atomic instructions and synchronized map access in high-throughput kernel environments.