Don't know how easy or effective this would be.
Not very (for reasonable definitions of 'effective'), I don't think. Any kernel modification must be released under GPL, and due to the boot process of the BCM2835, it's trivial to replace the kernel with one of the user's design (which pulls a small serial-console-starting init from the FAT32 partition or something), then the system is wide open and the cleartext of the filesystems should be easy to get.
You could move up the chain and write a custom bootloader that checks the kernel signature and decrypts it, but again, due to the BCM2835's boot process, the user could easily replace that bootloader with one that has the signature checking removed - among other attacks. Reversing the encryption key generation probably wouldn't be difficult without you going to great lengths to obfuscate it, so then they can do the same kernel replacement attack, or simply use the determined key to try to decrypt the image outside of the host machine.
This does of course assume your product will be using Linux. If not Linux the reversing job will be more difficult because they won't have the source, but the same attack (among others involving a modified bootloader) is possible.
Like any DRM scheme, you're basically just putting speedbumps in the way. Since the 'attacker' must have access to the content you're trying to protect (to execute it...), wasting effort trying to stop them very quickly gets to steeply diminishing returns, and stopping them - or even providing a significant barrier is basically impossible without a secure boot chain - which the Raspberry Pi doesn't offer.
Basically if you want to base your product on the Raspberry Pi hardware I would simply start from the assumption that clones will be easy to create and go from there. Change your business model to accomodate them or give up now. No matter what lengths you go to trying to prevent them, if there's profit in it, they will find a solution, since the old adage about physical access definitely applies here, probably moreso than it does in many other embedded systems due to the way the system boots.
Also I would like to point out that a 'clone' probably doesn't violate your IP unless they are actually using your code. I don't know what you're trying to make here, but unless it is very complex, it'll probably be cloned in the true sense of the word anyway, without any IP rights infringement taking place. Really you should be prepared for this regardless of how strong or weak your protection scheme is.