Has anyone seen any solution for this that actually works, or is this the Holy Grail of all IT? Please hold off on any Google haters, that's a different discussion for a different forum.
China only does assembly. They do not design the chips, and they do not write the software.
Not only that, there is the problem that nearly everyone chooses to ignore, the insecure baseband system and processor. One of the biggest moves China could make would be to both design and certify a processor and a baseboand OS. Then they could just run their own version of Replicant or whatever on the other processor while knowing that the 'hidden' part of the system is also clean. It's the certification that is a big barrier for most teams but China could squash it easily.