Run Linux ... on a device whose CPU has an unauditable security coprocessor? A CPU whose microcode is implemented in encrypted firmware? A device whose physical hardware can't be meaningfully audited without state actor level resources?

I don't really think such approaches are used or even viable currently. But if it ever were a concern, "run Linux" doesn't even begin to address it. (Anyway you can't run Linux if your endpoint is a phone with a locked bootloader.)

The only way that I can see this being actually safe is if you make the hardware to encrypt and decrypt the data yourself.