woobilicious | 4 years ago
The goal of AMD's SEV and other features is that the only way to compromise the system is to tamper with the wires between the CPU die and the IO die: all data going outside the CPU die is encrypted. An extra hardware TPM chip module would let you MITM the keys being sent to the CPU; with the keys stored in the CPU using fTPM, plaintext and keys never leave or enter the CPU via PCIe or the memory bus.
The "chipset" is literally just a PCIe/USB multiplexer these days. The CPU has no access to external hardware until after the firmware has loaded; the firmware has routines for turning on the memory and the memory controller, PCIe, etc. I don't think people understand just how utterly useless the CPU is without the firmware.
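An added example, not part of woobilicious's comment or of any AMD code: the memory encryption the comment describes is advertised to software through AMD's CPUID leaf 0x8000001F, and the program below decodes it. The register layout follows the AMD64 Architecture Programmer's Manual (Fn8000_001F): EAX flags SME, SEV, SEV-ES and SEV-SNP; EBX[5:0] is the page-table bit (the "C-bit") that tells the memory controller to encrypt a page, EBX[11:6] is the number of physical address bits that bit costs; ECX is the number of simultaneously supported encrypted guests; EDX is the lowest ASID usable by non-ES SEV guests. The sample register values in `main` are constructed, the function and field names are my own, and the live query only does anything on x86 (on a CPU whose maximum extended leaf is below 0x8000001F it reports "not available").

```c
/* Added example: decode AMD CPUID leaf 0x8000001F (memory encryption). */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

struct sev_caps {
    bool sme;                      /* EAX[0]: Secure Memory Encryption (host) */
    bool sev;                      /* EAX[1]: Secure Encrypted Virtualization */
    bool sev_es;                   /* EAX[3]: SEV-ES, guest register state encrypted too */
    bool sev_snp;                  /* EAX[4]: SEV-SNP, integrity-protected guest memory */
    unsigned cbit;                 /* EBX[5:0]: PTE bit number that enables encryption */
    unsigned phys_addr_reduction;  /* EBX[11:6]: physical address bits consumed */
    uint64_t cbit_mask;            /* 1 << cbit, OR'd into a PTE to encrypt that page */
    uint32_t num_encrypted_guests; /* ECX: encrypted guests (ASIDs) supported at once */
    uint32_t min_sev_noes_asid;    /* EDX: first ASID a non-ES SEV guest may use */
};

/* Pure decoder, so it can be exercised with constructed register values. */
struct sev_caps decode_sev_leaf(uint32_t eax, uint32_t ebx, uint32_t ecx, uint32_t edx)
{
    struct sev_caps c;
    c.sme                  = (eax >> 0) & 1;
    c.sev                  = (eax >> 1) & 1;
    c.sev_es               = (eax >> 3) & 1;
    c.sev_snp              = (eax >> 4) & 1;
    c.cbit                 = ebx & 0x3f;
    c.phys_addr_reduction  = (ebx >> 6) & 0x3f;
    c.cbit_mask            = (c.sme || c.sev) ? (UINT64_C(1) << c.cbit) : 0;
    c.num_encrypted_guests = ecx;
    c.min_sev_noes_asid    = edx;
    return c;
}

/* A page is encrypted iff its page-table entry carries the C-bit. */
bool pte_encrypted(uint64_t pte, const struct sev_caps *c)
{
    return c->cbit_mask != 0 && (pte & c->cbit_mask) != 0;
}

uint64_t pte_set_encrypted(uint64_t pte, const struct sev_caps *c)
{
    return pte | c->cbit_mask;
}

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
/* Live query: returns false when the leaf does not exist on this CPU. */
bool query_sev_caps(struct sev_caps *out)
{
    unsigned a, b, c, d;
    __cpuid(0x80000000u, a, b, c, d);   /* EAX = highest extended leaf */
    if (a < 0x8000001Fu)
        return false;
    __cpuid(0x8000001Fu, a, b, c, d);
    *out = decode_sev_leaf(a, b, c, d);
    return true;
}
#else
bool query_sev_caps(struct sev_caps *out) { (void)out; return false; }
#endif

static void print_caps(const char *label, const struct sev_caps *c)
{
    printf("%s: SME=%d SEV=%d SEV-ES=%d SEV-SNP=%d C-bit=%u (mask 0x%llx) "
           "PA-reduction=%u guests=%u min-ASID=%u\n",
           label, c->sme, c->sev, c->sev_es, c->sev_snp, c->cbit,
           (unsigned long long)c->cbit_mask, c->phys_addr_reduction,
           c->num_encrypted_guests, c->min_sev_noes_asid);
}

int main(void)
{
    /* Constructed register values resembling an EPYC part with all features:
     * EAX=0x1B -> SME|SEV|SEV-ES|SEV-SNP, EBX=0x16F -> C-bit 47, 5 bits reduction. */
    struct sev_caps sample = decode_sev_leaf(0x1Bu, 0x16Fu, 509u, 1u);
    print_caps("constructed sample", &sample);

    uint64_t pte = 0x1003u;                     /* present, writable, frame 0x1000 */
    uint64_t enc = pte_set_encrypted(pte, &sample);
    printf("PTE 0x%llx -> encrypted PTE 0x%llx\n",
           (unsigned long long)pte, (unsigned long long)enc);

    struct sev_caps live;
    if (query_sev_caps(&live))
        print_caps("this CPU", &live);
    else
        puts("this CPU: CPUID leaf 0x8000001F not available");
    return 0;
}
```

The same decode is what a hypervisor or guest kernel performs before it can enable SEV: without the C-bit position it cannot build the page tables that mark which pages leave the die encrypted. Note the leaf is AMD-specific; other vendors simply report a lower maximum extended leaf, which the live query treats as "not available" rather than reading garbage.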