I think the idea is that the TPM stores the keys for full-disk encryption, and hands them to the CPU only if trusted software is running.

...
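To illustrate the "only if trusted software is running" part of the comment above, here is an added, stand-alone simulation (not the poster's code, and not a real TPM library): boot components are hashed into a PCR-style register by the TPM extend rule, the disk key is sealed against the expected PCR value, and unsealing refuses to release it when any measured component differs. The boot component strings, the TPM secret and the key are constructed sample values.

```python
import hashlib
import hmac

# Simulated PCR register: 32 zero bytes at reset, like a TPM 2.0 SHA-256 bank.
PCR_INIT = b"\x00" * 32

# Constructed sample values (hypothetical; not from any real system).
TPM_SECRET = b"constructed-tpm-internal-secret"
DISK_KEY = bytes(range(32))  # 32-byte key, matches the 32-byte wrap below
TRUSTED_BOOT = [b"firmware v1", b"bootloader v2", b"kernel 6.1"]
TAMPERED_BOOT = [b"firmware v1", b"bootloader v2", b"kernel 6.1 (modified)"]


def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    """TPM extend rule: new_pcr = SHA-256(old_pcr || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot(components) -> bytes:
    """Measured boot: every stage extends the same register in order."""
    pcr = PCR_INIT
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr


def seal(disk_key: bytes, expected_pcr: bytes) -> dict:
    """Bind the key to a PCR value; the wrap key depends on the TPM secret and the policy."""
    wrap = hmac.new(TPM_SECRET, b"seal" + expected_pcr, hashlib.sha256).digest()
    blob = bytes(a ^ b for a, b in zip(disk_key, wrap))
    return {"policy_pcr": expected_pcr, "blob": blob}


def unseal(sealed: dict, current_pcr: bytes):
    """Release the key only when the live PCR matches the sealed policy."""
    if not hmac.compare_digest(sealed["policy_pcr"], current_pcr):
        return None  # measured boot does not match: the TPM stays silent
    wrap = hmac.new(TPM_SECRET, b"seal" + current_pcr, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(sealed["blob"], wrap))


# Seal once against the known-good boot measurement.
SEALED = seal(DISK_KEY, measure_boot(TRUSTED_BOOT))


def key_released_for(components):
    """Boot with the given components and ask the simulated TPM for the key."""
    return unseal(SEALED, measure_boot(components))


if __name__ == "__main__":
    print("trusted boot ->", key_released_for(TRUSTED_BOOT) == DISK_KEY)
    print("tampered boot ->", key_released_for(TAMPERED_BOOT))
```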