TPM relies on every link in the chain up to your OS being free of vulnerabilities. If any part has a bug, then the TPM is broken. For this kind of model, why not just put the data in one of those layers then? You've said that it's secure already.
(Most other threat models go "ok we trust some part of this is secure, and that means we can guarantee x, y, z; if that part is not secure then we cannot do this.)
(Most other threat models go "ok we trust some part of this is secure, and that means we can guarantee x, y, z; if that part is not secure then we cannot do this.)