That's a great theory that doesn't hold up at all. Intel has chosen to support some Kaby Lake CPUs, mostly mobile and HEDT parts. The desktop parts and a majority of the laptop parts are left to rot. These use the same CPU cores as the approved models.
Similarly, Zen and Zen+ are the same core; Zen+ has numerous tweaks for both stability and performance, particularly in the memory controller. However, the core design is largely identical. And the most recent Meltdown-esque vulnerability affected both Zen+ and Zen 2, supported models, but not the unsupported Zen 1.
It should be noted that not only does Linux run on all this (and much older) hardware, but manages to do so while consuming fewer system resources and allowing for the same type of encryption without all these restrictions. MS isn't doing this to simplify its codebase, as W11 is nearly identical to 10. It's doing this to drive hardware sales, which means more OEM $$$ for Windows licenses.
But Zen1 and older Intel CPUs don't have hardware support for HVCI (Hypervisor-Protected Code Integrity), so they could possibly run much slower with it enabled compared to Zen2 and newer Intel CPUs that do include it by default (Zen2 is the first AMD CPU to have hardware support for HVCI). It is an optional setting in Win10, it is called "memory integrity" in "Windows Defender" "Core Isolation settings", but it is now compulsory in all Win11 installations.
Security features only in the newest CPUs may be responsible for why your Ryzen 7 or Core i7 get abandoned by Windows 7, not just TPM requirements.
www.pcworld.com
I remember reading a number of articles and posts about it a few years ago already (which is when I first found out about it), with many users of Zen1 and older Intel CPUs complaining about a sometimes significant performance hit with HVCI enabled when it was first introduced to Win10 at that time, and that was also when I found out about the at-the-time upcoming Zen2 being AMD's first CPU to feature hardware support for it (and also more recent Intel CPUs).
But how much it would affect the average older PC I just don't know though, maybe the performance impact would be noticeable for some users, or maybe not, I honestly have no idea, so I can't say how it would or would not affect the majority of older PC hardware out there currently, because I honestly don't know.
But now Microsoft has made HVCI compulsory for all Win11 installations, so that likely has something to do with Win11 CPU requirements, as it matches with the CPU gens that have full HVCI hardware support, so it seems MS just doesn't want to deal with any possible performance issues on older platforms (rather than let users just disable HVCI, which would allow older PCs to run without possible performance issues, same as Win10).
My PCs are all Zen2 and Zen3, but I have never run any Win10 benchmarks with "Memory Integrity/HVCI" enabled/disabled myself, and I always have it disabled as well. So I can't speak of its potential performance impact personally, only what I have read about online, but I would like the option of disabling it in Win11, so I could continue to disable it myself (even though I have Zen2/Zen3 CPUs with HVCI hardware support).
The real question is why MS doesn't just allow all users, regardless of whether they have older or newer hardware, the option to enable/disable HVCI (like we can in Win10), because surely they can decide for themselves how secure they want their own PCs to be? But it seems MS is more concerned with dictating everyone's security (TPM/HVCI) across the broader ecosystem, so I think that is the real debate.
Should MS be allowed to dictate to every user how secure their PCs should be, even if it makes their hardware incapable of supporting newer OS versions? And what about the potential HVCI performance impact, is there still an impact even on newer CPUs that feature hardware support, slight or otherwise? I would like the option of deciding how performant my PC shall be, even if it means less security by disabling HVCI, and I am sure older platform owners would like the option as well. I personally am all for user choice and letting them decide for themselves, but that is just my own opinion.