This. Full disk encryption worked on Linux long before TPM, and works perfectly fine now still. TPM to me seems only additionally effective in a narrow range of “evil maid” attack scenarios where your (unencrypted, unsigned) bootloader is modified at rest, such as to steal your disk encryption key later. However A) I cannot afford to hire a maid, let alone one also skilled in editing Linux initramfs images and B) I don’t see TPM evangelists check their keyboard USB cable for in-line hardware sniffers every single time they step away from their desk.