"DRM will be unusable outside Windows" is already the case.
"Documents can only be opened by authorised users" sounds like a dream come true.
"You can't boot Linux by default" is annoying, but hardly a deal breaker. Statistically, almost nobody runs Linux on their devices. Valve could make a change in the Linux landscape if they actually get SteamOS off the ground (third time's the charm, right?) but so far SteamOS 3 is only meant to be used by their own hardware.
It's been decades since I last heard about powerful Windows rootkits because you can't just swap out the bootloader anymore. You could try it and risk a non booting victim system, but you're not extracting data or injecting ads into the kernel that way. Malware hasn't gone away (partially because Microsoft doesn't want to break old, signed, vulnerable device drivers that are used to bypass signature requirements and gain kernel access) but it's harder to gain good persistence now.
I get it, I want to run Linux on these devices as well. All of this stuff should be easy enough to disable if you're the owner of the device. However, your freedom to use your device however you want doesn't imply that others have to put up with your choices. If I choose to only accept Microsoft Panopticon Validated Devices onto my network, that's my business, no matter how foolish it might be. Distributing my software as a .exe isn't some kind of violation of your constitutional right to run OpenBSD, it's a business choice.
Personally, I'd love to see a similar system provide a hardware root of trust for Linux as well. Qubes being able to verify every single step of the boot process and securely loading the system's (several) security keys would be a great security benefit. Hell, I'd even like to see the option to only run signed software on my machine to ensure the executables haven't been tampered with, either signed by the distro maintainers or by myself during the install process, but Linux doesn't have such features or configuration accessible.
As long as it's possible to disable this stuff or to configure it for your own, personal key set, I'm all for this stuff. I want the freedom to secure my (Linux or Windows) system in hardware, as long as you have the freedom to turn it all off if you disagree. I don't buy Microsoft hardware specifically because I can't disable or configure that crap, despite their excellent pen support and fancy designs, and I think others should do the same. That's my personal choice, though.