Commit 2d58a7ab authored by Hyunwoo Kim, committed by Peng Zhang

media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221

mainline inclusion
from mainline-v6.4-rc3
commit 280a8ab8
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I63D3C
CVE: CVE-2022-45919

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=280a8ab81733da8bc442253c700a52c4c0886ffd

-------------------------------------------------

If the device node of dvb_ca_en50221 is open() and the
device is disconnected, a UAF may occur when calling
close() on the device node.

The root cause is that wake_up() and wait_event() for
dvbdev->wait_queue are not implemented.

So implement wait_event() function in dvb_ca_en50221_release()
and add 'remove_mutex' which prevents race condition
for 'ca->exit'.

[mchehab: fix a checkpatch warning]

Link: https://lore.kernel.org/linux-media/20221121063308.GA33821@ubuntu


Signed-off-by: Hyunwoo Kim <v4bel@theori.io>
Signed-off-by: Mauro Carvalho Chehab <mchehab@kernel.org>
Signed-off-by: ZhangPeng <zhangpeng362@huawei.com>
parent 7ecad26d