The "ARM Architecture Procedure Calling Standard" (AAPCS/EABI) states (5.1.1) that
"The role of register r9 is platform specific."
but
"A virtual platform [...] may designate r9 as an additional callee-saved
variable register, v6."
The question is: does the Linux kernel use r9 for some special purpose? Or is it used as a normal nonvolatile register?
A simple way of finding out how the kernel uses it is to simply build a kernel (CROSS_COMPILE=... ARCH=arm make vmlinux), and then disassemble the whole thing,
${CROSS_COMPILE}objdump -d vmlinux.o | grep 'sb|r9'
to check (Using both r9 and sb names as it depends on your objdump what exactly is output).
If you ever find it used in prologue / epilogue code (in instructions like push {..., r9, ...}, stmfd sp!, {..., r9, ...} or their corresponding pop/ldmfd) then it's callee-saved. Otherwise, just another scratch reg. The result may depend on your toolchain, kernel config options, or ARM target.
That said, if you compile a Thumb-2 kernel, it will not be callee-saved. That's because Thumb-2 push/pop only operate on the lower reg set (and lr/pc in a complementary fashion, push lr paired with pop pc).