If you trust the software you booted (which seems to be the main feature), why would you need a hardware module to sign your logs? I.e. what additional attack scenarios does hardware-based log signing prevent?
The best security is like an onion. Let's say something goes wrong/funky and you're concerned an outside actor may have somehow gained access to the "secure" system. Can you trust your logs?
The log signing prevents undetected tampering after-the-fact; the goal is to make it readily apparent when log messages are altered or deleted, even by parties with root access.