> generally choose AMD GPUs for the best experience with open drivers these days on systems I need high GPU performance from.

Do you count binary firmware as 'open' or not? If not, AMD is not 'open' either. If you do, Nvidia now also has open kernel drivers. Mesa developers are exploring ways to get the new Mesa Nvidia Vulkan driver (NVK) to run on top of the open Nvidia kernel driver, which should eventually make Nvidia drivers as open as AMD.

The binary firmware on an external module over a PCI bus should not have the ability to manipulate my current operating system and exfiltrate data without being noticed, but it is a non zero chance which is why on all my x86_64 workstations I run QubesOS so most hardware components are well isolated from each other with hypervisors, in addition to only open source code in my operating system and kernel layers, which is best effort today on such systems.

I generally only run gaming graphics cards on dedicated gaming machines, not on workstations I need to be able to trust. You can't use accelerated graphics in qubes anyway, specifically because graphics cards are hard to trust.

My requirements from a workstation are:

1. MUST have 100% open source code loaded in system memory

2. SHOULD have open source software in the boot trust path (coreboot/tpm2 secure boot, etc)

3. SHOULD have open hardware to the furthest extent possible that meets my use case

4. SHOULD be fully auditable and tamper evident using at-home tools and methods (like the Precursor)