Does mmap allocate a page or part of a page?

Question 1

If the length argument is not a page size multiple it will be rounded up to page size multiple.

As a consequence, the answer to your question is yes mmap() virtually allocates only entire pages.

Regarding mprotect() the man page clearly answer to your question:

mprotect() changes protection for the calling process's memory page(s) containing any part of the address range in the interval [addr, addr+len-1]. addr must be aligned to a page boundary.

Question 2

Yes.

But that is not because of mmap per se, it is because the kernel can't really do anything different. Memory is organized in pages, and the MMU "thinks" in terms of pages, so there is no way (no sane, reasonable way anyway) to allocate half a page and give the other half to someone else.
How would one e.g. prevent process 2 from stealing confidential data from process 1 if they each have allocated half a page? The memory protection system doesn't work that way, it would be impossible to prevent that from happening.

mmap mandates that length be non-zero, or it will fail. Other than that, it has no requirements on the input parameters (apart from contradicting flags), but of course an implementation is always allowed to have the call fail for other reasons, at its discretion ("implementation" here means for example "Linux").

The effective address of the mapping (which will be returned by a successful call to mmap) is an implementation-defined function of the address hint. Practically, this means rounding the hint down to the previous page (usually 4096 bytes) boundary and rounding the length up to the next page boundary.
Different versions of Linux behave differently on some address ranges, for example prior to version 2.6, hints below mmap_min_addr would fail with EINVAL whereas it now rounds the address up so it is valid.

Source: POSIX