It is. The idea behind using a embedded trusted computing device in this fashion is that you can store a AFU encryption/decryption keys in the trusted computing device and lower-entropy password like a 4-digit pin or biometrics, with the trusted computing device preventing a brute force attack.

But this is unnecessary if your encryption password has enough entropy in the first place, because it cannot be brute forced. This is the security model of most linux distros that use full disk encryption with LUKS. And android already lets you do this, it is just less convenient.

I use grapheneOS with a high entropy BFU password and a low entropy biometric AFU fingerprint. My linux setup works in the same way. The BFU password is the only "real" password that secures you and encrypts your data. The AFU password is a just temporary screen lock that is vulnerable to side channel attacks because the decryption keys are still in memory.